【News】
◆The Week in Ransomware - January 27th 2023 - 'We hacked the hackers' (BleepingComputer, 2023/01/27 19:08)
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-27th-2023-we-hacked-the-hackers/
【Details】
■January 23, 2023 (Mon)
◆New Dharma ransomware variants (PCrisk(Twitter), 2023/01/23)
Ransomware: Nlb (Dharma/CrySis)
Extension: .nlb
Ransomnote: FILES ENCRYPTED.txt / Info.hta
Sha256: 4c21b335baf9907cfaec588f25354b804b3d59f3882d923fbaf0d929b933ef49
https://www.virustotal.com/gui/file/4c21b335baf9907cfaec588f25354b804b3d59f3882d923fbaf0d929b933ef49/detection
◆New Stop ransomware variant (PCrisk(Twitter), 2023/01/23)
Ransomware: Stop/Djvu (v0636)
Extension: .mztu
Ransomnote: _readme.txt
Sha256: 56b1b7b168c8903258910eca42bac063fb8bb00405d629caa14ba10cdc211d86
https://www.virustotal.com/gui/file/56b1b7b168c8903258910eca42bac063fb8bb00405d629caa14ba10cdc211d86/detection
◆New VoidCrypt ransomware variant (PCrisk(Twitter), 2023/01/23)
Ransomware: MrWhite (VoidCrypt)
Extension: .MrWhite
Ransomnote: Dectryption-guide.txt
Sha256: 83cf3a2ccadf0c6d2fb61d3735ccf941c1661e7f3d1e38580ad6bf4a036db951
https://www.virustotal.com/gui/file/83cf3a2ccadf0c6d2fb61d3735ccf941c1661e7f3d1e38580ad6bf4a036db951/detection
■January 24, 2023 (Tue)
◆Ransomware access brokers use Google ads to breach your network (BleepingComputer, 2023/01/24 18:07)
[Ransomware access brokers use Google ads to break into networks]
⇒ https://malware-log.hatenablog.com/entry/2023/01/24/000000_6
◆Vice Society Ransomware Group Targets Manufacturing Companies (Trendmicro, 2023/01/24)
[The "Vice Society" ransomware group targeting the manufacturing industry]
Ransomware: Vice Society
https://www.trendmicro.com/en_us/research/23/a/vice-society-ransomware-group-targets-manufacturing-companies.html
⇒ https://malware-log.hatenablog.com/entry/2023/01/24/000000_7
◆New MedusaLocker ransomware variant (PCrisk(Twitter), 2023/01/24)
Ransomware: MedusaLocker
Extension: .filesencrypted
Ransomnote: how_to_back_files.html
Sha256: 89ef8f862ff39fae66ec113c2cab99bfbec737bd4c9613c87b80cf95401adb60
https://www.virustotal.com/gui/file/89ef8f862ff39fae66ec113c2cab99bfbec737bd4c9613c87b80cf95401adb60/detection
■January 26, 2023 (Thu)
◆Hive ransomware disrupted after FBI hacks gang's systems (BleepingComputer, 2023/01/26 10:14)
[The "Hive" ransomware was shut down after the FBI hacked the gang's systems]
Ransomware: Hive
https://www.bleepingcomputer.com/news/security/hive-ransomware-disrupted-after-fbi-hacks-gangs-systems/
⇒ https://malware-log.hatenablog.com/entry/2023/01/26/000000_3
◆New Mimic ransomware abuses ‘Everything’ Windows search tool (BleepingComputer, 2023/01/26 16:22)
[New ransomware "Mimic" abuses the Windows search tool "Everything"]
Ransomware: Mimic
https://www.bleepingcomputer.com/news/security/new-mimic-ransomware-abuses-everything-windows-search-tool/
⇒ https://malware-log.hatenablog.com/entry/2023/01/26/000000_4
◆US offers $10M bounty for Hive ransomware links to foreign governments (BleepingComputer, 2023/01/26 15:41)
[US offers a $10 million bounty for links between the "Hive" ransomware and foreign governments]
Ransomware: Hive
https://www.bleepingcomputer.com/news/security/us-offers-10m-bounty-for-hive-ransomware-links-to-foreign-governments/
⇒ https://malware-log.hatenablog.com/entry/2023/01/26/000000_5
◆New Phobos ransomware variant (PCrisk(Twitter), 2023/01/26)
Ransomware: Unknown (Phobos)
Extension: .unknown
Ransomnote: info.txt / info.hta
Sha256: 7d9c97a133997396b0625a5d2b762fb8b333f5152d4dd893c7a463cc41372ab5
https://www.virustotal.com/gui/file/7d9c97a133997396b0625a5d2b762fb8b333f5152d4dd893c7a463cc41372ab5/detection
■January 27, 2023 (Fri)
◆New SickFile ransomware (PCrisk(Twitter), 2023/01/27)
Ransomware: SickFile
Extension: .bitenc
Ransomnote: how_to_back_files.html
Sha256: 1c2d5cccca58b469351980895c8a2080c8346de09c2f1ab7a123deb3d3e4a539
https://www.virustotal.com/gui/file/1c2d5cccca58b469351980895c8a2080c8346de09c2f1ab7a123deb3d3e4a539/detection
◆New Mallox ransomware variant (PCrisk(Twitter), 2023/01/27)
Ransomware: Bitenc (Mallox)
Extension: .bitenc
Ransomnote: FILE RECOVERY.txt
Sha256: a340ef5adb00a2bf1a0735600491ca98ac8045b57db892dedc27575a53b25056
https://www.virustotal.com/gui/file/a340ef5adb00a2bf1a0735600491ca98ac8045b57db892dedc27575a53b25056/detection
【Related summary articles】
◆The Week in Ransomware (Summary)
https://malware-log.hatenablog.com/entry/The_Week_in_Ransomware