Ransomfeed

Profile, status and statistics (since 12-01-2020)

Cyber gang details

Gang profile by OSINT sources: [source: 0]

The NetWalker ransomware group is operated by the threat actor known as "CIRCUS SPIDER". The NetWalker ransomware was discovered in 2019. The group mainly targets the Asia Pacific region but can attack globally. It uses common attack tools like Mimikatz and other legitimate tools (LOLBINS) like PSTools, AnyDesk, TeamViewer, NLBrute, and more. The group is known for targeting the healthcare sector. In January 2021, NetWalker was taken down by the authorities: the police confiscated hundreds of thousands of dollars in ransom payments collected by the NetWalker group, seized servers, and disrupted the infrastructure and the darknet websites of the NetWalker ransomware group.

Alerts:


Statistics
No. of claims | 2024 | 2023 | 2022
0 | 0 | 0 | 0
URLs
Onion source | Last title | Status | Last scrape | Tor version
rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion | | 🔴 | 01-05-2021 | 3
Useful material
URL search source: 0
https://0x00-0x7f.github.io/Netwalker-from-Powershell-reflective-loader-to-injected-Dll/
https://blog.talosintelligence.com/2020/09/CTIR-quarterly-trends-Q4-2020.html
https://blog.trendmicro.com/trendlabs-security-intelligence/netwalker-fileless-ransomware-injected-via-reflective-loading/
https://blogs.blackberry.com/en/2021/03/zerologon-to-ransomware
https://cert-agid.gov.it/news/netwalker-il-ransomware-che-ha-beffato-lintera-community/
https://cti-league.com/wp-content/uploads/2021/02/CTI-League-Darknet-Report-2021.pdf
https://danusminimus.github.io/Zero2Auto-Netwalker-Walkthrough/
https://docs.google.com/spreadsheets/d/1MI8Z2tBhmqQ5X8Wf_ozv3dVjz5sJOs-3
https://download.microsoft.com/download/f/8/1/f816b8b6-bee3-41e5-b6cc-e925a5688f61/Microsoft_Digital_Defense_Report_2020_September.pdf
https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2021GTR.pdf
https://go.crowdstrike.com/rs/281-OBQ-266/images/ReportCSIT-20081e.pdf
https://ics-cert.kaspersky.com/media/KASPERSKY_H1_2020_ICS_REPORT_EN.pdf
https://id-ransomware.blogspot.com/2019/09/koko-ransomware.html
https://ke-la.com/how-ransomware-gangs-find-new-monetization-schemes-and-evolve-in-marketing/
https://ke-la.com/to-attack-or-not-to-attack-targeting-the-healthcare-sector-in-the-underground-ecosystem/
https://krebsonsecurity.com/2021/01/arrest-seizures-tied-to-netwalker-ransomware
https://lopqto.me/posts/automated-dynamic-import-resolving
https://news.sophos.com/en-us/2020/05/27/netwalker-ransomware-tools-give-insight-into-threat-actor/
https://news.sophos.com/en-us/2022/03/17/the-ransomware-threat-intelligence-center/
https://public.intel471.com/blog/ransomware-as-a-service-2020-ryuk-maze-revil-egregor-doppelpaymer/
https://s3.documentcloud.org/documents/21199896/vachon-desjardins-court-docs.pdf
https://seguranca-informatica.pt/netwalker-ransomware-full-analysis/
https://sites.temple.edu/care/ci-rw-attacks/
https://tccontre.blogspot.com/2020/05/netwalker-ransomware-api-call.html
https://thedfirreport.com/2020/08/31/netwalker-ransomware-in-1-hour/
https://therecord.media/darkside-gang-estimated-to-have-made-over-90-million-from-ransomware-attacks/
https://therecord.media/ransomwhere-project-wants-to-create-a-database-of-past-ransomware-payments/
https://www.advanced-intel.com/post/netwalker-ransomware-group-enters-advanced-targeting-game
https://www.bleepingcomputer.com/news/security/darkside-ransomware-made-90-million-in-just-nine-months/
https://www.bleepingcomputer.com/news/security/enel-group-hit-by-ransomware-again-netwalker-demands-14-million
https://www.bleepingcomputer.com/news/security/enel-group-hit-by-ransomware-again-netwalker-demands-14-million/
https://www.bleepingcomputer.com/news/security/mailto-netwalker-ransomware-targets-enterprise-networks/
https://www.bleepingcomputer.com/news/security/michigan-state-university-network-breached-in-ransomware-attack/
https://www.bleepingcomputer.com/news/security/netwalker-ransomware-affiliate-sentenced-to-80-months-in-prison/
https://www.bleepingcomputer.com/news/security/netwalker-ransomware-infecting-users-via-coronavirus-phishing/
https://www.coveware.com/blog/ransomware-attack-vectors-shift-as-new-software-vulnerability-exploits-abound
https://www.crowdstrike.com/blog/analysis-of-ecrime-menu-style-toolkits/
https://www.crowdstrike.com/blog/big-game-hunting-on-the-rise-again-according-to-ecrime-index/
https://www.cybereason.com/blog/cybereason-vs.-netwalker-ransomware
https://www.cyborgsecurity.com/cyborg_labs/hunting-ransomware-inhibiting-system-backup-or-recovery/
https://www.deepinstinct.com/2021/05/26/deep-dive-packing-software-cryptone/
https://www.hornetsecurity.com/en/security-informationen-en/leakware-ransomware-hybrid-attacks/
https://www.ic3.gov/media/news/2020/200929-2.pdf
https://www.incibe-cert.es/blog/ransomware-netwalker-analisis-y-medidas-preventivas
https://www.justice.gov/opa/pr/department-justice-launches-global-action-against-netwalker-ransomware
https://www.justice.gov/usao-mdfl/press-release/file/1360846/download
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/take-a-netwalk-on-the-wild-side/
https://www.microsoft.com/security/blog/2020/04/28/ransomware-groups-continue-to-target-healthcare-critical-services-heres-how-to-reduce-risk/
https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/reports/Unit_42/unit42-ransomware-threat-report-2021.pdf
https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/paas-or-how-hackers-evade-antivirus-software/
https://www.pwc.co.uk/cyber-security/pdf/pwc-cyber-threats-2020-a-year-in-retrospect.pdf
https://www.pwc.co.uk/issues/cyber-security-services/insights/what-is-behind-ransomware-attacks-increase.html
https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/conti-leaks-examining-the-panama-papers-of-ransomware.html
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/an-in-depth-look-at-mailto-ransomware-part-one-of-three/
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/an-in-depth-look-at-mailto-ransomware-part-three-of-three/
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/an-in-depth-look-at-mailto-ransomware-part-two-of-three/
https://www.ucsf.edu/news/2020/06/417911/update-it-security-incident-ucsf
https://www.welivesecurity.com/wp-content/uploads/2020/07/ESET_Threat_Report_Q22020.pdf
https://www.youtube.com/watch?v=q8of74upT_g
https://www.zeit.de/digital/2021-06/cybercrime-extortion-internet-spyware-ransomware-police-prosecution-hackers
https://zengo.com/bitcoin-ransomware-detective-ucsf/
https://zero2auto.com/2020/05/19/netwalker-re/
Ransom notes

netwalker : Crypto wallet(s)


Last update : Monday 13/03/2023 21.09 (UTC)

This script collects every criminal claim exactly as published by the sources ("As Is" model) in an SQL database to create a permanent feed, which can also be followed via RSS.
The engine is based on the ransomFeed project, a fork on GitHub.