TT Malware Log

A "personal" log of investigation, research and references on malware / cyber attacks / analysis techniques

The Week in Ransomware - March 19th 2021 - Highest ransom ever!

【News】

◆The Week in Ransomware - March 19th 2021 - Highest ransom ever! (BleepingComputer, 2021/03/19 17:40)
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-19th-2021-highest-ransom-ever/


【Details】

■March 13, 2021 (Sat)

◆New RunExeMemory ransomware variant (GrujaRS (Twitter), 2021/03/13)

Ransomware: RunExeMemory
Extension: .z8sj2c, Ransom note: Read me, if you want to recover your files.txt

https://twitter.com/GrujaRS/status/1370748367693840384


■March 16, 2021 (Tue)

◆FBI warns of escalating Pysa ransomware attacks on education orgs (BleepingComputer, 2021/03/16 11:22)

Ransomware: Pysa

https://www.bleepingcomputer.com/news/security/fbi-warns-of-escalating-pysa-ransomware-attacks-on-education-orgs/
https://malware-log.hatenablog.com/entry/2021/03/16/000000_2

◆‘I scrounged through the trash heaps… now I’m a millionaire:’ An interview with REvil’s Unknown (The Record, 2021/03/16)

Ransomware: REvil

https://therecord.media/i-scrounged-through-the-trash-heaps-now-im-a-millionaire-an-interview-with-revils-unknown/
https://malware-log.hatenablog.com/entry/2021/03/16/000000_8

◆New Liz Dharma ransomware variant (Jakub Kroustek(Twitter), 2021/03/16)

Ransomware: Liz Dharma
Extension: .liz

https://twitter.com/JakubKroustek/status/1371966419248816129

◆New Rapid ransomware variant (dnwls0719(Twitter), 2021/03/16)

Ransomware: Rapid
Extension: .lock

https://twitter.com/fbgwls245/status/1371982321851662337

◆New Xorist ransomware variant (xiaopao(Twitter), 2021/03/16)

Ransomware: Xorist
Extension: .sandboxtest

https://twitter.com/Kangxiaopao/status/1371779576020430852


■March 17, 2021 (Wed)

◆Missed opportunity: Bug in LockBit ransomware allowed free decryptions (The Record, 2021/03/17)

A member of the cybercriminal community has discovered and disclosed a bug in the LockBit ransomware that could have been used for free decryptions.

Ransomware: LockBit

https://therecord.media/missed-opportunity-bug-in-lockbit-ransomware-allowed-free-decryptions/
https://malware-log.hatenablog.com/entry/2021/03/17/000000_13

◆New Hakbit ransomware variant (xiaopao(Twitter), 2021/03/17)

Ransomware: Hakbit (SFile variant)
Extension: .PROM

https://twitter.com/Kangxiaopao/status/1372144791719342082

◆New SFile ransomware variant (xiaopao(Twitter), 2021/03/17)

Ransomware: SFile
Extension: .zuadr, Ransom note: RESTORE_FILES_INFO.hta / RESTORE_FILES_INFO.txt

https://twitter.com/Kangxiaopao/status/1372152354020093955


■March 18, 2021 (Thu)

◆New PewPew Ransomware variant (Amigo-A(Twitter), 2021/03/18)

Ransomware: PewPew
Extension: .optimus

https://twitter.com/siri_urz/status/1372577123907559426

◆New Stop ransomware variant (dnwls0719(Twitter), 2021/03/18)

Ransomware: STOP Djvu
Extension: .enfp, Ransom note: _readme.txt

https://twitter.com/fbgwls245/status/1372573018581389317


■March 19, 2021 (Fri)

◆REvil ransomware has a new ‘Windows Safe Mode’ encryption mode (BleepingComputer, 2021/03/19 07:15)

Ransomware: REvil

https://www.bleepingcomputer.com/news/security/revil-ransomware-has-a-new-windows-safe-mode-encryption-mode/
https://malware-log.hatenablog.com/entry/2021/03/19/000000_1

◆Computer giant Acer hit by $50 million ransomware attack (BleepingComputer, 2021/03/19 11:11)

Ransomware: REvil

https://www.bleepingcomputer.com/news/security/computer-giant-acer-hit-by-50-million-ransomware-attack/
https://malware-log.hatenablog.com/entry/2021/03/19/000000_9

◆Cyberattaque : une rançon de 50 millions de dollars demandée à Acer (LEMAGIT, 2021/03/19)
[Cyberattack: a 50 million dollar ransom demanded from Acer]

Ransomware: REvil

https://www.lemagit.fr/actualites/252498175/Cyberattaque-une-rancon-de-50-millions-de-dollars-demandee-a-Acer
https://malware-log.hatenablog.com/entry/2021/03/19/000000_10

◆Ransomware statistics for 2020: Year in summary (EMSISoft, 2021/03/19)
https://blog.emsisoft.com/en/38259/ransomware-statistics-for-2020-year-in-summary/
https://malware-log.hatenablog.com/entry/2021/03/19/000000_11

◆New SFile ransomware variant (xiaopao(Twitter), 2021/03/19)

Ransomware: SFile
Extension: .Technomous-zbtrqyd

https://twitter.com/Kangxiaopao/status/1372840741802635265


【Related summary articles】

Overall summary
 ◆Materials and reports (summary)

◆The Week in Ransomware (summary)
https://malware-log.hatenablog.com/entry/The_Week_in_Ransomware


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2020