DRM - Dashboard Ransomware Monitor

Profile, status and statistics (since 12-01-2020)

Details for cyber gang medusalocker

Gang profile by OSINT sources: [source: 1]

Medusa is a DDoS bot written in .NET 2.0. In its current incarnation its C&C protocol is based on HTTP, while its predecessor made use of IRC.

Alerts:


Statistics

No. of claims | 2023 | 2022 | 2021
33 | 17 | 16 | 0

URLs

Onion source | Last title | Status | Last scrape | Tor version
qd7pcafncosqfqu3ha6fcx4h6sr7tzwagzpcdcnytiw3b6varaeqv5yd.onion | | 🔴 | 01-05-2021 | 3
z6wkgghtoawog5noty5nxulmmt2zs7c3yvwr22v4czbffdoly2kl4uad.onion | Ransomware blog – We will not give ourselves a nam | 🟢 | 01-10-2023 | 3

Useful material

Research URLs, source: 1
http://id-ransomware.blogspot.com/2019/10/medusalocker-ransomware.html
https://asec.ahnlab.com/en/48940/
https://blog.cyble.com/2023/03/15/unmasking-medusalocker-ransomware/
https://blog.talosintelligence.com/2020/04/medusalocker.html
https://cloudsek.com/technical-analysis-of-medusalocker-ransomware/
https://dissectingmalwa.re/try-not-to-stare-medusalocker-at-a-glance.html
https://docs.google.com/spreadsheets/d/1MI8Z2tBhmqQ5X8Wf_ozv3dVjz5sJOs-3
https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2021GTR.pdf
https://id-ransomware.blogspot.com/2020/01/ako-ransomware.html
https://jsac.jpcert.or.jp/archive/2020/pdf/JSAC2020_1_tamada-yamazaki-nakatsuru_en.pdf
https://ke-la.com/how-ransomware-gangs-find-new-monetization-schemes-and-evolve-in-marketing/
https://medium.com/csis-techblog/inside-view-of-brazzzersff-infrastructure-89b9188fd145
https://twitter.com/siri_urz/status/1215194488714346496?s=20
https://us-cert.cisa.gov/ncas/alerts/aa20-345a
https://www.blackberry.com/content/dam/blackberry-com/asset/enterprise/pdf/wp-spark-state-of-ransomware.pdf
https://www.bleepingcomputer.com/news/security/march-2023-broke-ransomware-attack-records-with-459-incidents/
https://www.carbonblack.com/2020/06/03/tau-threat-analyis-medusa-locker-ransomware/
https://www.cisa.gov/uscert/ncas/alerts/aa22-181a
https://www.cisa.gov/uscert/sites/default/files/publications/AA22-181A_stopransomware_medusalocker.pdf
https://www.crowdstrike.com/blog/double-trouble-ransomware-data-leak-extortion-part-1/
https://www.crowdstrike.com/blog/double-trouble-ransomware-data-leak-extortion-part-2/
https://www.cybereason.com/blog/medusalocker-ransomware
https://www.mandiant.com/resources/chasing-avaddon-ransomware
https://www.microsoft.com/security/blog/2020/04/28/ransomware-groups-continue-to-target-healthcare-critical-services-heres-how-to-reduce-risk/
https://www.theta.co.nz/news-blogs/cyber-security-blog/part-1-analysing-medusalocker-ransomware/
https://www.theta.co.nz/news-blogs/cyber-security-blog/part-2-analysing-medusalocker-ransomware/
https://www.theta.co.nz/news-blogs/cyber-security-blog/part-3-analysing-medusalocker-ransomware/

Ransom notes

This script collects every criminal claim exactly as published by the sources ("As Is" model) in a MySQL database to create a permanent feed, which can also be followed via RSS.
The engine is based on the ransomFeed project, fork on GitHub.