Silobreaker Update 2021年03月09日

インターネット上でトレンドとなっている脅威アクター、マルウェアのランキングです。
Silobreaker の API を使用して作成しています。このページに関する説明はこちらをご覧ください。

Name	Move	Volume 1d	Volume 7d	Volume 30d
Covellite Group		3	3	3
CryptoTech		1	1	1
MuddyWater Group		8	11	37
PlayBit		3	3	15
Platinum Group		2	4	5

Name	Move	Volume 1d	Volume 7d	Volume 30d
Parallax RAT		5	5	5
QSnatch Malware		3	3	3
Sarbloh Ransomware		6	7	7
AgeLocker Ransomware		3	3	4
SUPERNOVA Webshell		28	35	43

• ThreatActor:Covellite Group
  • McAfee ATR Thinks in Graphs
  • Published by McAfee Blogs (2021-03-08 20:00:59)
  • Entities:
    • Keyphrase:Mitre,  Product:MISP,  Keyphrase:Density,  Keyphrase:Threat Intelligence,  Keyphrase:Attack
• ThreatActor:CryptoTech
  • New and Improved Version of Ryuk Ransomware
  • Published by Red Sky Alliance – X-Industry – RSS (2021-03-09 00:29:47)
  • Entities:
    • Malware:Ryuk Ransomware,  Organization:ANSSI,  Keyphrase:Infectious,  Keyphrase:Cyber Threat,  Organization:Red Sky Alliance
• ThreatActor:MuddyWater Group
  • virusbtn – Researchers at @TrendMicro recently detected activity targeting various organizations in the Middle East and neighb… https://t.co/3YSB6gDz51
  • Published by virusbtn – Twitter (2021-03-09 01:29:02)
  • Entities:
    • Username:@trendmicro,  ThreatActor:MuddyWater Group,  Username:@virusbtn,  UrlFull:https://www.trendmicro.com/en_us/research/21/c/earth-vetala—muddywater-continues-to-target-organizations-in-t.html,  WorldRegion:Middle East
• ThreatActor:PlayBit
  • hackerfantastic – RT @_CPResearch_: A fresh BlueKeep exploit + loader, written by the exploit developer known as “PlayBit” and named by him “BlackKeep”.
    The…
  • Published by hackerfantastic – Twitter (2021-03-08 23:31:21)
  • Entities:
    • ThreatActor:PlayBit,  Keyphrase:Exploit,  Vulnerability:BlueKeep CVE-2019-0708,  Username:@hackerfantastic,  UrlFull:https://www.virustotal.com/gui/file/061299cc4115fcd076c7da7a7bc342ff66c0b91fbd81ec3817f39abf5ed08dd1/detection
• ThreatActor:Platinum Group
  • Today’s Market View – AfriTin, W Resources, Bluejay Mining and more…
  • Published by Proactiveinvestors United Kingdom RSS feed (2021-03-08 22:14:00)
  • Entities:
    • City:Angel (London, United Kingdom),  EmailDomain:spangel.co.uk,  Country:China,  Keyphrase:Tin,  Keyphrase:Iron Ore
• Malware:Parallax RAT
  • JAMESWT_MHT – #Kronos (64 Genes Parallax Rat)
    #signed “ALPHA AME LIMITED LLP”
    Sample
    https://t.co/DRe42lSQXL

    H/T… https://t.co/m3zAzOULMJ

  • Published by JAMESWT_MHT – Twitter (2021-03-08 17:18:37)
  • Entities:
    • HashTag:#kronos,  Malware:Parallax RAT,  Username:@fr0s7_,  Username:@felixw3000,  Username:@verovaleros
• Malware:QSnatch Malware
  • QNAP NAS Devices Can Be Hacked for Cryptomining—Update Yours Now
  • Published by How-To Geek (2021-03-08 22:07:30)
  • Entities:
    • Product:QNAP Network Attached Storage,  Keyphrase:Cryptomining,  Company:360netlab,  Keyphrase:Hacked,  Keyphrase:NAS
• Malware:Sarbloh Ransomware
  • New Sarbloh ransomware supports Indian farmers’ protest
  • Published by BleepingComputer.com (2021-03-09 06:20:06)
  • Entities:
    • Malware:Sarbloh Ransomware,  Keyphrase:Farmer,  Keyphrase:Protest,  Keyphrase:Ransomware,  Keyphrase:Encryption
• Malware:AgeLocker Ransomware
  • QNAP NAS Devices Can Be Hacked for Cryptomining—Update Yours Now
  • Published by How-To Geek (2021-03-08 22:07:30)
  • Entities:
    • Product:QNAP Network Attached Storage,  Keyphrase:Cryptomining,  Company:360netlab,  Keyphrase:Hacked,  Keyphrase:NAS
• Malware:SUPERNOVA Webshell
  • KimZetter – @Bing_Chris I’m a little confused. Isn’t SUPERNOVA the name of malware (rather than vuln)? SUPERNOVA did use vuln i… https://t.co/Ohe3sc1PKz
  • Published by KimZetter – Twitter (2021-03-09 04:56:22)
  • Entities:
    • Malware:SUPERNOVA Webshell,  Keyphrase:Vulnerability,  Keyphrase:Malware,  Username:@bing_chris,  Username:@kimzetter