【News】
◆The Week in Ransomware - January 28th 2022 - Get NAS devices off the Internet (BleepingComputer, 2022/01/28 16:57)
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-28th-2022-get-nas-devices-off-the-internet/
【Details】
■January 22, 2022 (Sat)
◆New Paradise ransomware variant (dnwls0719(Twitter), 2022/01/22)
Ransomware: Paradise
Extension: .iskaluz
■January 24, 2022 (Mon)
◆Ransomware gangs increase efforts to enlist insiders for attacks (BleepingComputer, 2022/01/24 11:40)
https://www.bleepingcomputer.com/news/security/ransomware-gangs-increase-efforts-to-enlist-insiders-for-attacks/
⇒ https://malware-log.hatenablog.com/entry/2022/01/24/000000
◆Hackers say they encrypted Belarusian Railway servers in protest (BleepingComputer, 2022/01/24 12:34)
https://www.bleepingcomputer.com/news/security/hackers-say-they-encrypted-belarusian-railway-servers-in-protest/
⇒ https://malware-log.hatenablog.com/entry/2022/01/24/000000_1
◆New STOP Ransomware variant (Jakub Kroustek(Twitter), 2022/01/24)
Ransomware: STOP
Extension: .qqqw
https://twitter.com/JakubKroustek/status/1485715665256435718
■January 25, 2022 (Tue)
◆New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key (BleepingComputer, 2022/01/25 19:28)
https://www.bleepingcomputer.com/news/security/new-deadbolt-ransomware-targets-qnap-devices-asks-50-btc-for-master-key/
⇒ https://malware-log.hatenablog.com/entry/2022/01/25/000000_1
◆Ransomware hackers' new tactic: Calling you directly (NBC News, 2022/01/25)
Hackers have increasingly roped in everyday people whose information is stored in computers that have been breached, pestering them by phone and email.
https://www.nbcnews.com/tech/security/ransomware-hackers-new-tactic-calling-directly-rcna6466
⇒ https://malware-log.hatenablog.com/entry/2022/01/25/000000_2
◆Hacktivist group shares details related to Belarusian Railways hack (Curated Intelligence, 2022/01/25)
https://www.curatedintel.org/2022/01/hacktivist-group-shares-details-related.html
⇒ https://malware-log.hatenablog.com/entry/2022/01/25/000000_3
◆New ransomware appends 'exploit' (dnwls0719(Twitter), 2022/01/25)
Extension: .exploit
■January 26, 2022 (Wed)
◆QNAP warns of new DeadBolt ransomware encrypting NAS devices (BleepingComputer, 2022/01/26 04:34)
https://www.bleepingcomputer.com/news/security/qnap-warns-of-new-deadbolt-ransomware-encrypting-nas-devices/
⇒ https://malware-log.hatenablog.com/entry/2022/01/26/000000_1
◆Linux version of LockBit ransomware targets VMware ESXi servers (BleepingComputer, 2022/01/26 18:40)
https://www.bleepingcomputer.com/news/security/linux-version-of-lockbit-ransomware-targets-vmware-esxi-servers/
⇒ https://malware-log.hatenablog.com/entry/2022/01/26/000000_2
◆New Babuk knockoff ransomware variant (dnwls0719(Twitter), 2022/01/26)
https://twitter.com/fbgwls245/status/1486468803990986752
■January 27, 2022 (Thu)
◆Taiwanese Apple and Tesla contractor hit by Conti ransomware (BleepingComputer, 2022/01/27 14:28)
https://www.bleepingcomputer.com/news/security/taiwanese-apple-and-tesla-contractor-hit-by-conti-ransomware/
⇒ https://malware-log.hatenablog.com/entry/2022/01/27/000000_4
◆A history of REvil (Jon Dimaggio, 2022/01/27)
https://analyst1.com/file-assets/History-of-REvil.pdf
⇒ https://malware-log.hatenablog.com/entry/2022/01/27/000000_5
◆New MedusaLocker variant (dnwls0719(Twitter), 2022/01/27)
Ransomware: MedusaLocker
Extension: .farattack
■January 28, 2022 (Fri)
◆QNAP force-installs update after DeadBolt ransomware hits 3,600 devices (BleepingComputer, 2022/01/28 01:30)
https://www.bleepingcomputer.com/news/security/qnap-force-installs-update-after-deadbolt-ransomware-hits-3-600-devices/
⇒ https://malware-log.hatenablog.com/entry/2022/01/28/000000_7
◆Emsisoft releases a decryption tool for DeadBolt (Emsisoft, 2022/01/27)
https://twitter.com/emsisoft/status/1487121808406953985
◆New STOP ransomware variants (PCrisk(Twitter), 2022/01/28)
Ransomware: STOP
Extension: .qqqe / .yoqs
◆Thanos builder used to create new ransomware (Jiří Vinopal(Twitter), 2022/01/28)
Extension: .NARUMI