TT Malware Log

A personal investigation, research, and reference log on malware, cyber attacks, and analysis techniques

The Week in Ransomware - December 18th 2020 - Targeting Israel


◆The Week in Ransomware - December 18th 2020 - Targeting Israel (BleepingComputer, 2020/12/18 17:59)



◆Intel's Habana Labs hacked by Pay2Key ransomware, data stolen (BleepingComputer, 2020/12/13 13:19)

Ransomware: Pay2Key

◆New Conti variant (Twitter(S!Ri), 2020/12/13)

Ransomware: Conti
Extension: .KCWTT


◆New Ouroboros ransomware variant (Twitter(S!Ri), 2020/12/14)

Ransomware: Ouroboros
Extension: .Sophos


◆New Zeoticus variant (Twitter(MalwareHunterTeam), 2020/12/14)

Ransomware: Zeoticus
Extension: .2020END

◆New STOP Ransomware variant (Twitter(Michael Gillespie), 2020/12/14)

Ransomware: STOP
Extension: .booa

◆Clop sample used on Symrise (Twitter(Minhee Lee), 2020/12/14)

Ransomware: Clop


◆Ransomware attack causing billing delays for Missouri city (BleepingComputer, 2020/12/15 11:09)

◆New Dharma ransomware variants (Twitter(Jakub Kroustek), 2020/12/15)

Ransomware: Dharma
Extension: .msf or .lock

◆New Phobos Ransomware variant (Twitter(Michael Gillespie), 2020/12/15)

Ransomware: Phobos
Extension: .id[].[ICQ_Sophos].Antivirus


◆Ransomware gangs automate payload delivery with SystemBC malware (BleepingComputer, 2020/12/16 09:00)

◆Beazley Breach Insights - Q3 2020 (Beazley, 2020/12/16)

Increasing severity in ransomware calls for layered cyber defenses

◆New Hades Ransomware (Twitter(Michael Gillespie), 2020/12/16)

Ransomware: Hades
Ransom note: HOW-TO-DECRYPT-xxxxx.txt


◆New HiddenTear variant (Twitter(MalwareHunterTeam), 2020/12/16)

Ransomware: HiddenTear
Extension: .fmfgmfgm

◆The COVID-20 Ransomware (Twitter(MalwareHunterTeam), 2020/12/16)

Ransomware: COVID-20


◆Iranian nation-state hackers linked to Pay2Key ransomware (BleepingComputer, 2020/12/17)

Ransomware: Pay2Key
Iranian-backed hacking group Fox Kitten has been linked to the Pay2Key ransomware operation that has recently started targeting organizations from Israel and Brazil.

◆Ransomware masquerades as mobile version of Cyberpunk 2077 (BleepingComputer, 2020/12/17 14:01)

A threat actor is distributing fake Windows and Android installers for the Cyberpunk 2077 game that is installing a ransomware calling itself CoderWare.


◆New STOP Ransomware variant (Twitter(Michael Gillespie), 2020/12/18)

Ransomware: STOP
Extension: .omfl

◆New Hakbit variant (Twitter(xiaopao), 2020/12/18)

Ransomware: Hakbit
Extension: .rastar

◆New Inferno RaaS (Twitter(RAKESH KRISHNAN), 2020/12/18)



◆Documents / Reports (summary)

◆The Week in Ransomware (summary)

Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2022