TT Malware Log

A "personal" log of investigation, research, and references on malware / cyber attacks / analysis techniques

The Week in Ransomware - October 28th 2022 - Healthcare leaks

【News】

◆The Week in Ransomware - October 28th 2022 - Healthcare leaks (BleepingComputer, 2022/10/28)
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-october-28th-2022-healthcare-leaks/


【Details】

■October 22, 2022 (Sat)

◆TommyLeaks and SchoolBoys: Two sides of the same ransomware gang (BleepingComputer, 2022/10/22)
https://www.bleepingcomputer.com/news/security/tommyleaks-and-schoolboys-two-sides-of-the-same-ransomware-gang/
https://malware-log.hatenablog.com/entry/2022/10/22/000000


■October 24, 2022 (Mon)

◆Cuba ransomware affiliate targets Ukrainian govt agencies (BleepingComputer, 2022/10/24 11:51)
https://www.bleepingcomputer.com/news/security/cuba-ransomware-affiliate-targets-ukrainian-govt-agencies/
https://malware-log.hatenablog.com/entry/2022/10/24/000000_2

◆Pendragon car dealer refuses $60 million LockBit ransomware demand (BleepingComputer, 2022/10/24)
https://www.bleepingcomputer.com/news/security/pendragon-car-dealer-refuses-60-million-lockbit-ransomware-demand/
https://malware-log.hatenablog.com/entry/2022/10/24/000000_3

◆New STOP ransomware variants (PCrisk(Twitter), 2022/10/24)

Ransomware: STOP
Extension: .nuis / .nury

https://twitter.com/pcrisk/status/1584425234404323328

◆New Chaos ransomware variant (PCrisk(Twitter), 2022/10/24)

Ransomware: Chaos
Extension: .eking

https://twitter.com/pcrisk/status/1584426179326488578

◆New KillNet ransomware (PCrisk(Twitter), 2022/10/24)

Ransomware: KillNet
Extension: .killnet, Ransomnote: Ru.txt

https://twitter.com/pcrisk/status/1584432174136033280


■October 25, 2022 (Tue)

◆Hive claims ransomware attack on Tata Power, begins leaking data (BleepingComputer, 2022/10/25 14:49)
https://www.bleepingcomputer.com/news/security/hive-claims-ransomware-attack-on-tata-power-begins-leaking-data/
https://malware-log.hatenablog.com/entry/2022/10/25/000000_3

◆Microsoft: Vice Society targets schools with multiple ransomware families (BleepingComputer, 2022/10/25 14:07)
https://www.bleepingcomputer.com/news/security/microsoft-vice-society-targets-schools-with-multiple-ransomware-families/
https://malware-log.hatenablog.com/entry/2022/10/25/000000_4

◆LV Ransomware Exploits ProxyShell in Attack on a Jordan-based Company (Trendmicro, 2022/10/25)
https://www.trendmicro.com/en_us/research/22/j/lv-ransomware-exploits-proxyshell-in-attack.html
https://malware-log.hatenablog.com/entry/2022/10/25/000000_5

◆New Zeppelin ransomware variant (PCrisk(Twitter), 2022/10/24)

Ransomware: Zeppelin
Extension: .bbd2.[victim's_ID], Ransomnote: ALL YOUR FILES ARE ENCRYPTED.txt

https://twitter.com/pcrisk/status/1584785811610161156


■October 26, 2022 (Wed)

◆Medibank now says hackers accessed all its customers’ personal data (BleepingComputer, 2022/10/26 10:30)
https://www.bleepingcomputer.com/news/security/medibank-now-says-hackers-accessed-all-its-customers-personal-data/
https://malware-log.hatenablog.com/entry/2022/10/26/000000_1

◆New Chaos ransomware variant (PCrisk(Twitter), 2022/10/26)

Ransomware: Chaos, CRYPTONITE
Extension: 4 random characters, Ransomnote: lisezmoi.txt

https://twitter.com/pcrisk/status/1585141019418320896
https://malware-log.hatenablog.com/entry/2022/10/26/000000_2

◆New Makop ransomware variant (PCrisk(Twitter), 2022/10/26)

Ransomware: Makop
Extension: .INT, Ransomnote: +README-WARNING+.txt

https://twitter.com/pcrisk/status/1585206639195344897
https://malware-log.hatenablog.com/entry/2022/10/26/000000_3

◆Dragos Industrial Ransomware Analysis: Q3 2022 (Dragos, 2022/10/26)
https://www.dragos.com/blog/industry-news/dragos-industrial-ransomware-analysis-q3-2022/
https://malware-log.hatenablog.com/entry/2022/10/26/000000_4

◆Indianapolis Housing Agency responds to massive system-wide ransomware attack (IndyStar, 2022/10/26)
https://www.indystar.com/story/news/local/indianapolis/2022/10/26/ransomware-indianapolis-housing-agency-section-8-system/69593974007/
https://malware-log.hatenablog.com/entry/2022/10/26/000000_5


■October 27, 2022 (Thu)

◆Australian Clinical Labs says patient data stolen in ransomware attack (BleepingComputer, 2022/10/27 14:05)
https://www.bleepingcomputer.com/news/security/australian-clinical-labs-says-patient-data-stolen-in-ransomware-attack/
https://malware-log.hatenablog.com/entry/2022/10/27/000000_1

◆Microsoft links Raspberry Robin worm to Clop ransomware attacks (BleepingComputer, 2022/10/27 15:34)
https://www.bleepingcomputer.com/news/security/microsoft-links-raspberry-robin-worm-to-clop-ransomware-attacks/
https://malware-log.hatenablog.com/entry/2022/10/27/000000_2

◆New Zeppelin ransomware variant (PCrisk, 2022/10/28)

Ransomware: Zeppelin
Extension: .vn2.1.[victim's_ID], Ransomnote: ALL YOUR FILES ARE ENCRYPTED.txt

https://twitter.com/pcrisk/status/1585518638789967873


■October 28, 2022 (Fri)

◆New STOP ransomware variants (PCrisk(Twitter), 2022/10/28)

Ransomware: STOP
Extension: .powd / .pozq

https://twitter.com/pcrisk/status/1585887724783144960


【Related summary articles】

Overall summary
 ◆Materials and reports (summary)

◆The Week in Ransomware (summary)
https://malware-log.hatenablog.com/entry/The_Week_in_Ransomware


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2023