On November 18 (US time), Cyble warned in "Cyble - AXLocker, Octocrypt, and Alice: Leading a new wave of Ransomware Campaigns" that multiple new ransomware campaigns are under way. The company discovered three new ransomware families, called "AXLocker", "Octocrypt" and "Alice", and described how they operate.

Cyble - AXLocker, Octocrypt, and Alice: Leading a new wave of Ransomware Campaigns

AXLocker is described as ransomware that encrypts the victim's files and steals Discord tokens from the infected machine. Analysis of the code shows that the startencryption() function implements file search by enumerating the available directories on the C drive. It has also been found to target only specific file extensions and to exclude a list of directories from the encryption process.

Static file details of AXLocker ransomware - Cyble

Octocrypt is described as new ransomware that targets all versions of Windows. The ransomware's builder, encryptor and decryptor are written in Golang, and it is offered as Ransomware-as-a-Service (RaaS). The ransomware has a simple web interface for building the encryptor and decryptor, and the web panel reportedly also displays details of infected victims.

Post Made by the Octocrypt developer on Cybercrime Forum - Cyble

In addition, new ransomware named Alice has appeared on cybercrime forums. Alice ransomware is also said to operate as RaaS.

Alice ransomware post shared by TA on a Cybercrime Forum - Cyble

Ransomware continues to pose a serious risk not only to businesses and individuals but also to government agencies. According to the report, organizations need to stay ahead of the techniques cybercriminals use and put the necessary security best practices and security controls in place.