One Article Review
| Source |  Fortinet ThreatSignal |
|---|---|
| Identifiant | 8286102 |
| Date de publication | 2022-11-30 16:35:59 (vue: 2022-12-01 01:05:46) |
| Titre | RansomBoggs Ransomware Targeted Multiple Ukrainian Organizations |
| Texte | FortiGuard Labs is aware of a report that a new ransomware strain named "RansomBoggs" was deployed to multiple unnamed organizations in Ukraine. The ransomware encrypts files on compromised machines and provides attacker's contact information for victims to talk with the attacker for file recovery.Why is this Significant?This is significant because RansomBoggs is the latest ransomware that targets Ukrainian organizations. Based on the tactics, techniques, and procedures (TTPs) used in the attack, security vendor ESET attributed RansomBoggs to the Sandworm APT group who is believed to be associated with the Main Directorate of the General Staff of the Armed Forces of the Russian Federation.What is RansomBoggs Ransomware?RansomBoggs ransomware encrypts files on compromised machines and adds a ".chsch" file extension to the affected files. It drops a ransom note requesting victims to get in touch with the attacker for file recovery.Currently, there is no indication that RansomBoggs ransomware has wiper functionality.What is the Status of Coverage?FortiGuard Labs provides the following AV signature for RansomBoggs ransomware:MSIL/Filecoder.A!tr.ransom |
| Envoyé | Oui |
| Condensat | adds affected apt armed associated attack attacker attributed aware based because believed chsch compromised contact coverage currently deployed directorate drops encrypts eset extension federation file files following forces fortiguard functionality general get group has indication information labs latest machines main multiple named new note organizations procedures provides ransom ransomboggs ransomware ransomware:msil/filecoder recovery report requesting russian sandworm security signature significant staff status strain tactics talk targeted targets techniques touch ttps ukraine ukrainian unnamed used vendor victims what who why wiper |
| Tags | Ransomware |
| Stories | |
| Notes | ★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.