【ニュース】
◆The Week in Ransomware - March 19th 2021 - Highest ransom ever! (BleepingComputer, 2021/0/319 17:40)
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-19th-2021-highest-ransom-ever/
【詳細】
■2021年3月13日(土)
◆New RunExeMemory ransomware variant (GrujaRSA(Twitter), 2021/03/13)
Ransomware: RunExeMemory
拡張子: .z8sj2c, ランサムノート: Read me, if you want to recover your files.txt
■2021年3月16日(火)
◆FBI warns of escalating Pysa ransomware attacks on education orgs (BleepingComputer, 2021/03/16 11:22)
Ransomware: Pysa
https://www.bleepingcomputer.com/news/security/fbi-warns-of-escalating-pysa-ransomware-attacks-on-education-orgs/
⇒ https://malware-log.hatenablog.com/entry/2021/03/16/000000_2
◆‘I scrounged through the trash heaps… now I’m a millionaire:’ An interview with REvil’s Unknown (The Record, 2021/03/16)
Ransomware: REvil
https://therecord.media/i-scrounged-through-the-trash-heaps-now-im-a-millionaire-an-interview-with-revils-unknown/
⇒ https://malware-log.hatenablog.com/entry/2021/03/16/000000_8
◆New Liz Dharma ransomware variant (Jakub Kroustek(Twitter), 2021/03/16)
Ransomware: Liz Dharma
拡張子: .lizhttps://twitter.com/JakubKroustek/status/1371966419248816129
◆New Rapid ransomware variant (dnwls0719(Twitter), 2021/03/16)
Ransomware: Rapid
拡張子: .lock
◆New Xorist ransomware variant (xiaopao(Twitter), 2021/03/16)
Ransomware: Xorist
拡張子: .sandboxtest
■2021年3月17日(水)
◆Missed opportunity: Bug in LockBit ransomware allowed free decryptions (The Record, 2021/03/17)
[機会損失。ランサムウェア「LockBit」のバグにより無料で解読が可能に]A member of the cybercriminal community has discovered and disclosed a bug in the LockBit ransomware that could have been used for free decryptions.
[サイバー犯罪者コミュニティのメンバーが、ランサムウェア「LockBit」のバグを発見し、公開しました。このバグを利用すれば、無料で解読が可能でした]Ransomware: LockBit
https://therecord.media/missed-opportunity-bug-in-lockbit-ransomware-allowed-free-decryptions/
⇒ https://malware-log.hatenablog.com/entry/2021/03/17/000000_13
◆New Hakbit ransomware variant (xiaopao(Twitter), 2021/03/17)
Ransomware: Hakbit ( SFileの亜種)
拡張子: .PROM
◆New SFile ransomware variant (xiaopao(Twitter), 2021/03/17)
Ransomware: SFile
拡張子: .zuadr, ランサムノート: RESTORE_FILES_INFO.hta / RESTORE_FILES_INFO.txt
■2021年3月18日(木)
◆New PewPew Ransomware variant (Amigo-A(Twitter), 2021/03/18)
Ransomware: PewPew
拡張子: .optimus
◆New Stop ransomware variant (dnwls0719(Twitter), 2021/03/18)
Ransomware: STOP Djvu
拡張子: .enfp, ランサムノート: _readme.txt
■2021年3月19日(金)
◆REvil ransomware has a new ‘Windows Safe Mode’ encryption mode (BleepingComputer, 2021/03/19 07:15)
[ランサムウェア「REvil」の暗号化モードに「Windows Safe Mode」が追加されました]Ransomware: REvil
https://www.bleepingcomputer.com/news/security/revil-ransomware-has-a-new-windows-safe-mode-encryption-mode/
⇒ https://malware-log.hatenablog.com/entry/2021/03/19/000000_1
◆Computer giant Acer hit by $50 million ransomware attack (BleepingComputer, 2021/03/19 11:11)
[コンピューター大手のAcer、5,000万ドル規模のランサムウェア攻撃を受ける]Ransomware: REvil
https://www.bleepingcomputer.com/news/security/computer-giant-acer-hit-by-50-million-ransomware-attack/
⇒ https://malware-log.hatenablog.com/entry/2021/03/19/000000_9
◆Cyberattaque : une rançon de 50 millions de dollars demandée à Acer (LEMAGIT, 2021/03/19)
Ransomware: REvil
https://www.lemagit.fr/actualites/252498175/Cyberattaque-une-rancon-de-50-millions-de-dollars-demandee-a-Acer
⇒ https://malware-log.hatenablog.com/entry/2021/03/19/000000_10
◆Ransomware statistics for 2020: Year in summary (EMSISoft, 2021/03/19)
https://blog.emsisoft.com/en/38259/ransomware-statistics-for-2020-year-in-summary/
⇒ https://malware-log.hatenablog.com/entry/2021/03/19/000000_11
◆New SFile ransomware variant (xiaopao(Twitter), 2021/03/19)
Ransomware: SFile
拡張子: .Technomous-zbtrqyd
【関連まとめ記事】
◆The Week in Ransomware (まとめ)
https://malware-log.hatenablog.com/entry/The_Week_in_Ransomware