ioc[.]one - OSINT Cyber Threat Intelligence Database

Inside the Ransomware World: Uncovering Groups, Tactics, and Operations Part : 1

Tags

country:	Australia Brazil Canada Germany Gabon India Pakistan Italy Japan South Korea Laos New Zealand Russia Ukraine United Kingdom United States Of America
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Model Models Credentials - T1589.001 Exploits - T1587.004 Exploits - T1588.005 Financial Theft - T1657 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Remote Desktop Protocol - T1021.001 Software - T1592.002 Tool - T1588.002 Vulnerabilities - T1588.006 Remote Desktop Protocol - T1076

Show in Graph

Common Information

Type	Value
UUID	92abe3b4-b2f0-443c-bd8d-4247723f1663
Fingerprint	a55480db9a99bed2
Analysis status	DONE
Considered CTI value	1
Text language
Published	Sept. 14, 2024, 5:51 p.m.
Added to db	Sept. 14, 2024, 8:11 p.m.
Last updated	Nov. 17, 2024, 5:57 p.m.
Headline	Inside the Ransomware World: Uncovering Groups, Tactics, and Operations Part : 1
Title	Inside the Ransomware World: Uncovering Groups, Tactics, and Operations Part : 1
Detected Hints/Tags/Attributes	180/3/83

Source URLs

	Redirection	Url
Details	Source	https://medium.com/@vicky.narayanasamy/inside-the-ransomware-world-uncovering-groups-tactics-and-operations-part-1-a7f45ef3fafb?source=rss------cybersecurity-5

URL Provider

Details	Provider	Source level domain
Details	medium.com	medium.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	167	✔	Cybersecurity on Medium	https://medium.com/feed/tag/cybersecurity	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	3	www.cobalt.io
Details	Domain	172	www.crowdstrike.com
Details	Domain	1	vipre.com
Details	Domain	151	www.bbc.com
Details	Domain	22	www.cbsnews.com
Details	Domain	5	www.sygnia.co
Details	Domain	71	news.sophos.com
Details	Domain	122	www.kaspersky.com
Details	Domain	1	news.cognizant.com
Details	Domain	73	techcrunch.com
Details	Domain	37	www.blackberry.com
Details	Domain	622	en.wikipedia.org
Details	Domain	4	www.cshub.com
Details	Domain	4	www.sangfor.com
Details	Domain	11	www.blackfog.com
Details	Domain	41	www.hhs.gov
Details	Domain	2	cyberlaw.ccdcoe.org
Details	Domain	7	www.telsy.com
Details	Domain	145	threatpost.com
Details	Domain	1	www.kaspersky.co.in
Details	Domain	202	krebsonsecurity.com
Details	Domain	99	therecord.media
Details	Domain	4	www.connectwise.com
Details	Domain	96	malpedia.caad.fkie.fraunhofer.de
Details	Domain	39	heimdalsecurity.com
Details	Domain	5	www.dawn.com
Details	Domain	224	unit42.paloaltonetworks.com
Details	Domain	5	www.threatdown.com
Details	Domain	3	www.cybersecurity-insiders.com
Details	Domain	9	darktrace.com
Details	File	1	9.py
Details	File	252	www.cs
Details	File	1	lessons-learned-hse-attack.pdf
Details	File	1	revil-update-tlpwhite.pdf
Details	File	1	-reason-unknown.html
Details	Threat Actor Identifier - FIN	127	FIN11
Details	Url	1	https://news.sophos.com/en-us/2019/12/09/5m-bounty-set-on-the-alleged-head-of-evil-corp-banking-trojan-group
Details	Url	1	https://www.cobalt.io/blog/11-biggest-ransomware-attacks-in-history
Details	Url	1	https://www.cshub.com/attacks/articles/incident-of-the-week-garmin-pays-10-million-to-ransomware-hackers-who-rendered-systems-useless
Details	Url	6	https://www.crowdstrike.com/blog/doppelpaymer-ransomware-and-dridex-2
Details	Url	1	https://vipre.com/glossary-terms/what-is-revil-ransomware-evil/#:
Details	Url	1	https://www.bbc.com/news/technology-57707530
Details	Url	1	https://www.cbsnews.com/news/jbs-ransom-11-million
Details	Url	1	https://www.sygnia.co/threat-reports-and-advisories/kaseya-ransomware-supply-chain-attack
Details	Url	1	https://www.kaseya.com/press-release/kaseya-responds-swiftly-to-sophisticated-cyberattack-mitigating-global-disruption-to-customers
Details	Url	1	https://news.sophos.com/en-us/2020/05/12/maze-ransomware-1-year-counting
Details	Url	1	https://www.kaspersky.com/resource-center/definitions/what-is-maze-ransomware
Details	Url	1	https://news.cognizant.com/2020-04-18-cognizant-security-update
Details	Url	1	https://techcrunch.com/2020/03/26/chubb-insurance-breach-ransomware
Details	Url	1	https://www.bitdefender.com/blog/hotforsecurity/maze-ransomware-used-in-pensacola-cyber-attack/?srsltid=afmboorzerowjf34veie8b5nl9eyk_izf8eeaoh8n463m_rsgkdytcpl
Details	Url	1	https://www.blackberry.com/us/en/solutions/endpoint-security/ransomware-protection/lockbit
Details	Url	1	https://en.wikipedia.org/wiki/lockbit
Details	Url	1	https://www.cshub.com/executive-decisions/articles/accenture-faces-50-million-ransom-demand
Details	Url	1	https://www.industrialcybersecuritypulse.com/threats-vulnerabilities/throwback-attack-christmas-attack-on-sickkids-hospital-prompts-rare-apology-from-lockbit
Details	Url	1	https://www.sangfor.com/blog/cybersecurity/nagoya-port-cyber-attack-by-lockbit-ransomware
Details	Url	1	https://en.wikipedia.org/wiki/wizard_spider
Details	Url	1	https://www.blackfog.com/wizard-spider-russian-cybercrime-group
Details	Url	1	https://en.wikipedia.org/wiki/health_service_executive_ransomware_attack
Details	Url	1	https://www.hhs.gov/sites/default/files/lessons-learned-hse-attack.pdf
Details	Url	1	https://en.wikipedia.org/wiki/2022_costa_rican_ransomware_attack
Details	Url	1	https://cyberlaw.ccdcoe.org/wiki/costa_rica_ransomware_attack_
Details	Url	1	https://www.telsy.com/en/the-blackmatter-ransomware
Details	Url	1	https://www.acronis.com/en-sg/cyber-protection-center/posts/olympus-corporation-shuts-down-networks-after-cyberattack
Details	Url	1	https://www.bleepingcomputer.com/news/security/us-farmer-cooperative-hit-by-59m-blackmatter-ransomware-attack
Details	Url	1	https://cloud.google.com/blog/topics/threat-intelligence/fin11-email-campaigns-precursor-for-ransomware-data-theft
Details	Url	1	https://portswigger.net/daily-swig/fin11-uncovered-hacking-group-promoted-to-financial-cybercrime-elite
Details	Url	1	https://threatpost.com/accellion-zero-day-attacks-clop-ransomware-fin11/164150
Details	Url	1	https://www.hhs.gov/sites/default/files/revil-update-tlpwhite.pdf
Details	Url	1	https://www.kaspersky.co.in/blog/gandcrab-ransomware-is-back/15352
Details	Url	2	https://krebsonsecurity.com/2019/07/whos-behind-the-gandcrab-ransomware
Details	Url	1	https://threatpost.com/gandcrabs-rotten-eggs-hatch-ransomware-in-south-korea/136689
Details	Url	1	https://therecord.media/medical-firm-reaches-settlement-with-hhs
Details	Url	1	https://www.connectwise.com/blog/cybersecurity/what-is-pysa-ransomware
Details	Url	1	https://www.computerweekly.com/news/366596113/hackney-council-reprimanded-over-2020-ransomware-attack
Details	Url	1	https://itwire.com/business-it-news/security/ransomware-group-takes-mybudget-name-off-site,-reason-unknown.html
Details	Url	1	https://malpedia.caad.fkie.fraunhofer.de/actor/circus_spider
Details	Url	1	https://heimdalsecurity.com/blog/netwalker-ransomware-explained
Details	Url	1	https://www.forbes.com/sites/daveywinder/2020/06/29/the-university-of-california-pays-1-million-ransom-following-cyber-attack
Details	Url	1	https://www.dawn.com/news/1578882
Details	Url	1	https://unit42.paloaltonetworks.com/ransomware-threat-assessments/6
Details	Url	1	https://www.threatdown.com/blog/a-deep-dive-into-phobos-ransomware
Details	Url	1	https://www.cybersecurity-insiders.com/dharma-ransomware-attack-on-texas-based-hospital
Details	Url	1	https://darktrace.com/blog/old-but-still-dangerous-dharma-ransomware-via-rdp-intrusion