xiaopao

@stealthmole_int Behind the #DragonRaaS (and the "Stormous" copy-cat's) are two Yemeni Individuals. They "redesigned" the old Logo and also came up with a "#StormCry" Ransomware back in March

#Qilin has added a QR code to its leak site which points to "WikiLeaksV2" - a clearnet site on which Qilin also list a selection of their victims in addition to soliciting donations. #ransomware

📌 #Akira ransomware exfiltration server. 77.247.126.158: still active and exposed by BlackBerry in the blog “Akira Ransomware Targets the LATAM Airline Industry” → blogs.blackberry.com/en/2024/07/aki…. Another possible candidate could be 190.211.252.82, unconfirmed but with very similar characteristics 🧐

@Amigo_A_ 👏👏👏👏👏👏👏👏

On July 20, 2024, the number of articles in my Digest reached 2000. On this occasion, a small fireworks display. id-ransomware.blogspot.com/2016/07/ransom…

#Ransomware Wuibei ransom ioc: mai:ingrengshun@qdo.com info: 0a___Hello_ReadMe___.TXT notice.txt BTC Wallets: 1Abim6rh3uRkDmxriYY91EaqYXvDdtfcpN 1NYXFKZ2Cgc1765NyDxkLAqdBzyw3VYKQj md5: ca13c0b6043ae7171330c513135b8ce5 a57ce5e81cd9eb3456c8d021101cbbc0 360.cn/n/12481.html

💰ThreatLabz has discovered a new #ransomware group named Money Message performing double extortion attacks. Sample hash: bbdac308d2b15a4724de7919bf8e9ffa713dea60ae3a482417c44c60012a654b Data leak site: blogvl7tjyjvsfthobttze52w36wwiz34hrfcmorgvdzb6hikucb7aqd[.]onion

Cl0p ransomware group has breached critical infrastructure in England responsible for the public water supply and waste management for London, Luton, Thames Valley, Surrey, and more. They state they will not ransom it. cl0p's official statement: share.vx-underground.org/cl0p-thameswat…

#NYX #ransom ext:NYX mail:Bluemanteam@my.com and Blueman5@tutanota.com info:000_NYX_READ_ME3.hta sample:virustotal.com/gui/file/b4ed2… @Amigo_A_

LockBit supposedly prohibits its affiliates from carrying out encryption-based attacks on nuclear power plants and other critical infrastructure, but permits them to compromise the networks to steal data. 1/3

🌐 The new website (Version 3.0) of Lockbit #Ransomware team allows anyone to extend the timer by 24 hours, destroy all data from the website, or download all data right away to maximize the ransom money for each victim 💸 Next level hacking group 🥷 #Lockbit

#BlueSky #Ranomsware ext:bluesky info:# DECRYPT FILES BLUESKY #.html、# DECRYPT FILES BLUESKY #.txt sample:virustotal.com/gui/file/3e035…

#Ransom maybe this belong to phantom family? mail:shellcode7@mailfence.com shellcode7@proton.me info:README.id.hta ext:id @Amigo_A_

@Amigo_A_ @PIPIKAKI @demonslay335 @BleepinComputer ext："@Ransomware_Decrypt” info:WE CAN RECOVER YOUR DATA.txt

A new #Pipikaki #Ransomware id-ransomware.blogspot.com/2022/04/pipika… Threaten to publish stolen data. Extension .[<ID>].@PIPIKAKI Filemarker (sample): 5391F333MONSTER R/n: WE CAN RECOVER YOUR DATA.txt Skype and ICQ: PIPIKAKI Email: pipikaki@onion* No sample yet. @demonslay335 @BleepinComputer

Last article in March #Vovabol #Ransomware, probably fake encryptor. id-ransomware.blogspot.com/2022/03/vovabo… Uses UA and LV mail accounts, but asks for a ransom on Qiwi wallet. Thank @malwrhunterteam

@pcrisk @struppigel @demonslay335 @Amigo_A_ @LawrenceAbrams @JakubKroustek TargetCompany

Bozon Ransomware; Extension: .bozon; Ransom note: FILE RECOVERY.txt Sample: virustotal.com/gui/file/ca0cb… @struppigel @demonslay335 @Amigo_A_ @LawrenceAbrams @JakubKroustek

LAPSUS$ extortion group has released source code to Bing, Bing Maps, and Microsoft Cortana. They state that each release is incomplete (not the entire source code).

New blog post detailing the unpacking of #Pandora #Ransomware and similarities with Rook Ransomware. dissectingmalwa.re/blog/pandora/

For those looking into the #ContiLeaks, I've prepared a network relationship map, that shows the relationships between users, based on the leaked chat logs. bit.ly/JGEU_CLNETMAP

#Surtr #Ransomware ext:.surtr mail:Dec_youfile1986@mailfence.com info: SURTR_README.hta SURTR_README.txt samlple:tria.ge/220302-jzmfkse… @Amigo_A_