Ransomfeed

Profilo, status e statistiche (dal 12-01-2020)

Dettaglio cyber gang
nefilim

Profilo gang by OSINT sources: [source: 0]

According to Vitali Kremez and Michael Gillespie, this ransomware shares much code with Nemty 2.5. A difference is removal of the RaaS component, which was switched to email communications for payments. Uses AES-128, which is then protected RSA2048.

Alerts:


Statistiche
N. rivendicazioni 2024 2023 2022
0 0 0 0
URLs
Fonte onionUltimo titoloStatusUltimo scrapeVersione Tor
hxt254aygrsziejn.onion 🔴 01-05-2021 2
Materiale utile
URL ricerca source: 0
http://www.secureworks.com/research/threat-profiles/gold-mansard
https://blog.qualys.com/vulnerabilities-research/2021/05/12/nefilim-ransomware
https://docs.google.com/spreadsheets/d/1MI8Z2tBhmqQ5X8Wf_ozv3dVjz5sJOs-3
https://documents.trendmicro.com/assets/white_papers/wp-modern-ransomwares-double-extortion-tactics.pdf
https://id-ransomware.blogspot.com/2020/03/nefilim-ransomware.html
https://intel471.com/blog/how-cybercriminals-create-turbulence-for-the-transportation-industry
https://ke-la.com/how-ransomware-gangs-find-new-monetization-schemes-and-evolve-in-marketing/
https://labs.sentinelone.com/meet-nemty-successor-nefilim-nephilim-ransomware/
https://news.sophos.com/en-us/2021/01/26/nefilim-ransomware-attack-uses-ghost-credentials/
https://news.sophos.com/en-us/2022/03/17/the-ransomware-threat-intelligence-center/
https://securelist.com/evolution-of-jsworm-ransomware/102428/
https://us-cert.cisa.gov/ncas/alerts/aa20-345a
https://vulnerability.ch/2021/04/ransomware-and-date-leak-site-publication-time-analysis/
https://www.accenture.com/us-en/blogs/cyber-defense/evolving-danger-ransomware-extortion
https://www.blackberry.com/content/dam/blackberry-com/asset/enterprise/pdf/wp-spark-state-of-ransomware.pdf
https://www.bleepingcomputer.com/news/security/home-appliance-giant-whirlpool-hit-in-nefilim-ransomware-attack/
https://www.bleepingcomputer.com/news/security/new-nefilim-ransomware-threatens-to-release-victims-data/
https://www.bleepingcomputer.com/news/security/three-more-ransomware-families-create-sites-to-leak-stolen-data/
https://www.cert.govt.nz/it-specialists/advisories/active-ransomware-campaign-leveraging-remote-access-technologies/
https://www.fireeye.com/blog/threat-research/2020/07/financially-motivated-actors-are-expanding-access-into-ot.html
https://www.hornetsecurity.com/en/security-informationen-en/leakware-ransomware-hybrid-attacks/
https://www.intezer.com/wp-content/uploads/2021/02/Intezer-2020-Go-Malware-Round-Up.pdf
https://www.mandiant.com/resources/financially-motivated-actors-are-expanding-access-into-ot
https://www.picussecurity.com/resource/blog/how-to-beat-nefilim-ransomware-attacks
https://www.pwc.co.uk/cyber-security/pdf/pwc-cyber-threats-2020-a-year-in-retrospect.pdf
https://www.trendmicro.com/en_us/research/21/b/nefilim-ransomware.html
https://www.trendmicro.com/en_us/research/21/f/nefilim-modern-ransomware-attack-story.html
https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/nefilim-ransomware-threatens-to-expose-stolen-data
https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/ransomware-as-a-service-enabler-of-widespread-attacks
Note di riscatto

Questo script colleziona ogni rivendicazione criminale esattamente come esposta dalle fonti (modello "As Is"), in un database SQL per creare un feed permanente, che può anche essere seguito con tecnologia RSS.
Il motore è basato sul progetto ransomFeed, fork in GitHub.

© ransomfeed.it 2024 | share with |