Ransomfeed

Profilo, status e statistiche (dal 12-01-2020)

Dettaglio cyber gang
pysa

Profilo gang by OSINT sources: [source: 0]

Mespinosa is a ransomware which encrypts file using an asymmetric encryption and adds .pysa as file extension. According to dissectingmalware the extension "pysa" is probably derived from the Zanzibari Coin with the same name.

Alerts:


Statistiche
N. rivendicazioni 2024 2023 2022
0 0 0 0
URLs
Fonte onionUltimo titoloStatusUltimo scrapeVersione Tor
pysa2bitc5ldeyfak4seeruqymqs4sj5wt5qkcq7aoyg4h2acqieywad.onion Pysa's Partners 🔴 22-02-2022 3
Materiale utile
URL ricerca source: 0
http://www.secureworks.com/research/threat-profiles/gold-burlap
https://blog.cyble.com/2021/11/29/pysa-ransomware-under-the-lens-a-deep-dive-analysis/
https://blogs.blackberry.com/en/2021/06/pysa-loves-chachi-a-new-golang-rat
https://dissectingmalwa.re/another-one-for-the-collection-mespinoza-pysa-ransomware.html
https://docs.google.com/spreadsheets/d/1MI8Z2tBhmqQ5X8Wf_ozv3dVjz5sJOs-3
https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2021GTR.pdf
https://id-ransomware.blogspot.com/2019/10/mespinoza-ransomware.html
https://ke-la.com/how-ransomware-gangs-find-new-monetization-schemes-and-evolve-in-marketing/
https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/06/23093553/Common-TTPs-of-the-modern-ransomware_low-res.pdf
https://public.intel471.com/blog/ransomware-as-a-service-2020-ryuk-maze-revil-egregor-doppelpaymer/
https://securelist.com/modern-ransomware-groups-ttps/106824/
https://thedfirreport.com/2020/11/23/pysa-mespinoza-ransomware/
https://twitter.com/campuscodi/status/1347223969984897026
https://twitter.com/inversecos/status/1456486725664993287
https://unit42.paloaltonetworks.com/gasket-and-magicsocks-tools-install-mespinoza-ransomware/
https://vulnerability.ch/2021/04/ransomware-and-date-leak-site-publication-time-analysis/
https://www.bleepingcomputer.com/news/security/ransomware-gangs-script-shows-exactly-the-files-theyre-after/
https://www.cert.ssi.gouv.fr/cti/CERTFR-2020-CTI-002/
https://www.cybereason.com/blog/threat-analysis-report-inside-the-destructive-pysa-ransomware
https://www.cyborgsecurity.com/cyborg_labs/hunting-ransomware-inhibiting-system-backup-or-recovery/
https://www.hhs.gov/sites/default/files/mespinoza-goldburlap-cyborgspider-analystnote-tlpwhite.pdf
https://www.hornetsecurity.com/en/security-informationen-en/leakware-ransomware-hybrid-attacks/
https://www.ic3.gov/Media/News/2021/210316.pdf
https://www.lacework.com/blog/pysa-ransomware-gang-adds-linux-support/
https://www.prodaft.com/m/reports/PYSA_TLPWHITE_3.0.pdf
https://www.prodaft.com/resource/detail/pysa-ransomware-group-depth-analysis
https://www.sentinelone.com/blog/from-the-front-lines-peering-into-a-pysa-ransomware-attack/
https://www.splunk.com/en_us/blog/security/gone-in-52-seconds-and-42-minutes-a-comparative-analysis-of-ransomware-encryption-speed.html
https://www.splunk.com/en_us/pdfs/resources/whitepaper/an-empirically-comparative-analysis-of-ransomware-binaries.pdf
https://www.symantec.broadcom.com/hubfs/SED/SED_Threat_Hunter_Reports_Alerts/SED_FY22Q2_SES_Ransomware-Threat-Landscape_WP.pdf
https://www.zdnet.com/article/france-warns-of-new-ransomware-gang-targeting-local-governments/
Note di riscatto

Questo script colleziona ogni rivendicazione criminale esattamente come esposta dalle fonti (modello "As Is"), in un database SQL per creare un feed permanente, che può anche essere seguito con tecnologia RSS.
Il motore è basato sul progetto ransomFeed, fork in GitHub.

© ransomfeed.it 2024 | share with |