TT Malware Log

A "personal" investigation, research, and reference log on malware / cyber attacks / analysis techniques

The Week in Ransomware - April 9th 2021 - Massive ransom demands


◆The Week in Ransomware - April 9th 2021 - Massive ransom demands (BleepingComputer, 2021/04/09 16:47)

Ransomware attacks continue over the past two weeks with a continuation of the massive initial ransom demands we have seen recently.

Over the past two weeks, we have learned of attacks against Asteelflash, the Broward County Public Schools, Applus Technologies, Pierre Fabre, and Harris Federation, with many of the attacks' initial ransoms ranging between $24 - $40 million.



◆Materials and reports (summary)

◆The Week in Ransomware (summary)



◆FatFace sends controversial data breach email after ransomware attack (BleepingComputer, 2021/03/27 09:41)

Ransomware: Conti


◆Ransomware admin is refunding victims their ransom payments (BleepingComputer, 2021/03/28 18:53)

◆CompuCom MSP expects over $20M in losses after ransomware attack (BleepingComputer, 2021/03/28 10:41)

Ransomware: DarkSide


◆Harris Federation hit by ransomware attack affecting 50 schools (BleepingComputer, 2021/03/29 14:00)

Ransomware: DoppelPaymer


◆Microsoft Exchange attacks increase while WannaCry gets a restart (BleepingComputer, 2021/03/30 07:56)

◆New STOP Djvu Ransomware variant (Michael Gillespie(Twitter), 2021/03/30)

Ransomware: STOP Djvu
Extension: .ytbn


◆New Dharma ransomware variants (Jakub Kroustek(Twitter), 2021/04/01)

Ransomware: Dharma
Extension: .4o4 / .ctpl


◆Asteelflash electronics maker hit by REvil ransomware attack (BleepingComputer, 2021/04/02 14:17)

Ransomware: REvil

◆Qualys says Accellion hackers did not breach production systems (BleepingComputer, 2021/04/02 12:28)

Ransomware: Clop

◆Ransomware gang wanted $40 million in Florida schools cyberattack (BleepingComputer, 2021/04/02)

◆As ransomware stalks the manufacturing sector, victims are still keeping quiet (CyberScoop, 2021/04/02)

◆New Makop Ransomware variant (dnwls0719(Twitter), 2021/04/02)

Ransomware: Makop
Extension: .dark, Ransomnote: readme-warning.txt

◆New WhiteBlackGroup ransomware (S!Ri(Twitter), 2021/04/02)

Ransomware: WhiteBlackGroup
Extension: .encrpt3d



◆Malware attack is preventing car inspections in eight US states (BleepingComputer, 2021/04/03)

◆Ransomware gang leaks data from Stanford, Maryland universities (BleepingComputer, 2021/04/03 09:31)

◆Sepa spends nearly £800,000 on cyber attack response (BBC, 2021/04/03)

◆New STOP Djvu Ransomware variant (Michael Gillespie(Twitter), 2021/04/03)

Ransomware: STOP Djvu
Extension: .fdcz

◆New Jigsaw Ransomware variant (GrujaRS(Twitter), 2021/04/03)

Ransomware: Jigsaw
Extension: .cat


◆Sierra Wireless resumes production after ransomware attack (BleepingComputer, 2021/04/04)

Canadian IoT solutions provider Sierra Wireless announced that it resumed production at its manufacturing sites halted after a ransomware attack that hit its internal network and corporate website on March 20.

◆New STOP Djvu Ransomware variant (Michael Gillespie(Twitter), 2021/04/04)

Ransomware: STOP Djvu
Extension: .urnb


◆New Jormungand Ransomware variant (dnwls0719(Twitter), 2021/04/05)

Ransomware: Jormungand
Extension: .glock, Ransomnote: READ-ME-NOW.txt


◆Windows XP makes ransomware gangs work harder for their money (BleepingComputer, 2021/04/06 18:00)

◆Ransomware hits TU Dublin and National College of Ireland (BleepingComputer, 2021/04/06)


◆New Cring ransomware hits unpatched Fortinet VPN devices (BleepingComputer, 2021/04/07)

Ransomware: Cring

◆REvil ransomware now changes password to auto-login in Safe Mode (BleepingComputer, 2021/04/07 16:06)

◆New Wintenzz Security Tool ransomware (BleepingComputer, 2021/04/07)

Ransomware: Wintenzz Security Tool
Extension: .wintenzz, Ransomnote: BUY_WINTENZZ.txt



◆New VHD ransomware variant (dnwls0719(Twitter), 2021/04/08)

Ransomware: VHD
Extension: .beaf, Ransomnote: DecryptGuide.txt



◆Leading cosmetics group Pierre Fabre hit with $25 million ransomware attack (BleepingComputer, 2021/04/09 14:52)

◆New STOP Djvu Ransomware variant (Michael Gillespie(Twitter), 2021/04/09)

Ransomware: STOP Djvu
Extension: .lmas

◆New GEHENNA Locker ransomware (dnwls0719(Twitter), 2021/04/09)

Ransomware: GEHENNA Locker
Extension: .gehenna, Ransomnote: GEHENNA-README-WARNING.html

◆Maze/Egregor ransomware cartel estimated to have made $75 million (The Record, 2021/04/09)

◆New RIP_lmao Ransomware (GrujaRS(Twitter), 2021/04/09)

Ransomware: RIP_lmao
Extension: .crypted, Ransomnote: ___RECOVER__FILES__.crypted.txt

Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2022