TT Malware Log

A "personal" investigation, research, and reference log on malware / cyber attacks / analysis techniques

The Week in Ransomware - January 28th 2022 - Get NAS devices off the Internet

【News】

◆The Week in Ransomware - January 28th 2022 - Get NAS devices off the Internet (BleepingComputer, 2022/01/28 16:57)
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-28th-2022-get-nas-devices-off-the-internet/


【Details】

■January 22, 2022 (Sat)

◆New Paradise ransomware variant (dnwls0719(Twitter), 2022/01/22)

Ransomware: Paradise
Extension: .iskaluz

https://twitter.com/fbgwls245/status/1484897702773026821


■January 24, 2022 (Mon)

◆Ransomware gangs increase efforts to enlist insiders for attacks (BleepingComputer, 2022/01/24 11:40)
https://www.bleepingcomputer.com/news/security/ransomware-gangs-increase-efforts-to-enlist-insiders-for-attacks/
https://malware-log.hatenablog.com/entry/2022/01/24/000000

◆Hackers say they encrypted Belarusian Railway servers in protest (BleepingComputer, 2022/01/24 12:34)
https://www.bleepingcomputer.com/news/security/hackers-say-they-encrypted-belarusian-railway-servers-in-protest/
https://malware-log.hatenablog.com/entry/2022/01/24/000000_1

◆New STOP Ransomware variant (Jakub Kroustek(Twitter), 2022/01/24)

Ransomware: STOP
Extension: .qqqw

https://twitter.com/JakubKroustek/status/1485715665256435718


■January 25, 2022 (Tue)

◆New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key (BleepingComputer, 2022/01/25 19:28)
https://www.bleepingcomputer.com/news/security/new-deadbolt-ransomware-targets-qnap-devices-asks-50-btc-for-master-key/
https://malware-log.hatenablog.com/entry/2022/01/25/000000_1

◆Ransomware hackers' new tactic: Calling you directly (NBC News, 2022/01/25)

Hackers have increasingly roped in everyday people whose information is stored in computers that have been breached, pestering them by phone and email.

https://www.nbcnews.com/tech/security/ransomware-hackers-new-tactic-calling-directly-rcna6466
https://malware-log.hatenablog.com/entry/2022/01/25/000000_2

◆Hacktivist group shares details related to Belarusian Railways hack (Curated Intelligence, 2022/01/25)
https://www.curatedintel.org/2022/01/hacktivist-group-shares-details-related.html
https://malware-log.hatenablog.com/entry/2022/01/25/000000_3

◆New ransomware appends 'exploit' (dnwls0719(Twitter), 2022/01/25)

Extension: .exploit

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-28th-2022-get-nas-devices-off-the-internet/


■January 26, 2022 (Wed)

◆QNAP warns of new DeadBolt ransomware encrypting NAS devices (BleepingComputer, 2022/01/26 04:34)
https://www.bleepingcomputer.com/news/security/qnap-warns-of-new-deadbolt-ransomware-encrypting-nas-devices/
https://malware-log.hatenablog.com/entry/2022/01/26/000000_1

◆Linux version of LockBit ransomware targets VMware ESXi servers (BleepingComputer, 2022/01/26 18:40)
https://www.bleepingcomputer.com/news/security/linux-version-of-lockbit-ransomware-targets-vmware-esxi-servers/
https://malware-log.hatenablog.com/entry/2022/01/26/000000_2

◆New Babuk knockoff ransomware variant (dnwls0719(Twitter), 2022/01/26)
https://twitter.com/fbgwls245/status/1486468803990986752


■January 27, 2022 (Thu)

◆Taiwanese Apple and Tesla contractor hit by Conti ransomware (BleepingComputer, 2022/01/27 14:28)
https://www.bleepingcomputer.com/news/security/taiwanese-apple-and-tesla-contractor-hit-by-conti-ransomware/
https://malware-log.hatenablog.com/entry/2022/01/27/000000_4

◆A history of REvil (Jon Dimaggio, 2022/01/27)
https://analyst1.com/file-assets/History-of-REvil.pdf
https://malware-log.hatenablog.com/entry/2022/01/27/000000_5

◆New MedusaLocker variant (dnwls0719(Twitter), 2022/01/27)

Ransomware: MedusaLocker
Extension: .farattack

https://twitter.com/fbgwls245/status/1486903692842311685

■January 28, 2022 (Fri)

◆QNAP force-installs update after DeadBolt ransomware hits 3,600 devices (BleepingComputer, 2022/01/28 01:30)
https://www.bleepingcomputer.com/news/security/qnap-force-installs-update-after-deadbolt-ransomware-hits-3-600-devices/
https://malware-log.hatenablog.com/entry/2022/01/28/000000_7

◆Emsisoft releases a decryption tool for DeadBolt (Emsisoft, 2022/01/27)
https://twitter.com/emsisoft/status/1487121808406953985

◆New STOP ransomware variants (PCrisk(Twitter), 2022/01/28)

Ransomware: STOP
Extension: .qqqe / .yoqs

https://twitter.com/pcrisk/status/1486940888618123264

◆Thanos builder used to create new ransomware (Jirí Vinopal(Twitter), 2022/01/28)

Extension: .NARUMI

https://twitter.com/vinopaljiri/status/1487095501799538695


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2023