Silobreaker Update 2021年12月16日

インターネット上でトレンドとなっている脅威アクター、マルウェアのランキングです。
Silobreaker の API を使用して作成しています。このページに関する説明はこちらをご覧ください。

Name	Move	Volume 1d	Volume 7d	Volume 30d
Maza-in		2	2	2
MoneyTaker		2	2	2
FIN13		3	3	6
MuddyWater Group		14	25	32
Hafnium Group		12	13	34

Name	Move	Volume 1d	Volume 7d	Volume 30d
Owowa Module		11	17	17
HelloKitty Ransomware		9	13	14
BoomBox Malware		5	5	10
NativeZone		5	5	10
Khonsari Ransomware		30	63	63

• ThreatActor:Maza-in
• Anubis Android malware is back, and going after your banking apps
• Published by TechRadar – RSS (2021-12-16 00:50:01)
• Entities:
  • Malware:BankBot Anubis,  Keyphrase:Banking App,  Company:Lookout Inc,  ThreatActor:Maza-in,  Software:Google Play
• ThreatActor:MoneyTaker
• PRESS: Hackers steal money from bank’s correspondent account
• Published by Prime Business News Agency (2021-12-15 17:32:00)
• Entities:
  • Keyphrase:Computer Hacker,  Keyphrase:Bank,  Company:Group-IB,  ThreatActor:MoneyTaker,  Publisher:Vedomosti
• ThreatActor:FIN13
• vxunderground – Updates to vx-underground:APT collection:
  2021.11.10/Void Balaur
  2021.12.06/Nobelium
  2021.12.07/FIN13

  Malware co… https://t.co/trQmWvxxY6

• Published by vxunderground – Twitter (2021-12-15 21:33:41)
• Entities:
  • Malware:Quantum Ransomware,  Malware:Owowa Module,  UrlFull:http://vx-underground.org,  ThreatActor:FIN13,  Malware:Tor2Mine Cryptominer
• ThreatActor:MuddyWater Group
• Seedworm Targeting Telecom, IT, and Utility firms in the Middle East and Asia
• Published by Cyware (2021-12-16 03:29:00)
• Entities:
  • ThreatActor:MuddyWater Group,  WorldRegion:Middle East,  Keyphrase:Telecommunications,  Incident:Attack,  Continent:Asia
• ThreatActor:Hafnium Group
• China, Iran accused of exploiting new Log4J hack to invade U.S. systems
• Published by Washington Times (2021-12-16 01:29:01)
• Entities:
  • Software:Apache Log4J,  Keyphrase:Vulnerability,  Company:Microsoft Corporation,  Country:Iran,  ThreatActor:Hafnium Group
• Malware:Owowa Module
• Owowa Malware
• Published by Remove Spyware & Malware with SpyHunter – Enigma Software Group USA LLC (2021-12-16 04:06:12)
• Entities:
  • Malware:Owowa Module,  Keyphrase:Malware,  Software:Microsoft Exchange Server Enterprise,  Keyphrase:Research,  Keyphrase:Web Applications
• Malware:HelloKitty Ransomware
• Notorious HelloKitty hackers tracked to unexpected country
• Published by Russia Today (2021-12-16 04:41:00)
• Entities:
  • Malware:HelloKitty Ransomware,  Keyphrase:Computer Hacker,  GovernmentBody:FBI Federal Bureau of Investigation,  Malware:Fivehands Ransomware,  Company:Oregon Anesthesiology Group
• Malware:BoomBox Malware
• The final report on NOBELIUM’s unprecedented nation-state attack
• Published by Microsoft Security Blog (2021-12-16 02:00:00)
• Entities:
  • ThreatActor:UNC2452,  Keyphrase:Persian Gulf Security,  Keyphrase:Nation-state,  Incident:Attack,  Company:Microsoft Corporation
• Malware:NativeZone
• The final report on NOBELIUM’s unprecedented nation-state attack
• Published by Microsoft Security Blog (2021-12-16 02:00:00)
• Entities:
  • ThreatActor:UNC2452,  Keyphrase:Persian Gulf Security,  Keyphrase:Nation-state,  Incident:Attack,  Company:Microsoft Corporation
• Malware:Khonsari Ransomware
• Log4j flaw exploitation leads to the new Khonsari ransomware delivery
• Published by 2SpyWare – RSS (2021-12-15 18:17:21)
• Entities:
  • Malware:Khonsari Ransomware,  Software:Apache Log4J,  Keyphrase:Exploitation,  Keyphrase:Ransomware,  Vulnerability:CVE-2021-44228 (Log4Shell)