Malware DropbearDec 12, 2022

Doing some research on RANSOMBOGGS, seeing a number of open-source reports linking this activity to Sandworm due to some similarities in deployment techniques.

Has anyone seen some more concrete attribution for the originator of this strain?

Also has anyone seen it being deployed outside of Ukraine?

#threatIntel #ransomware #ransomboggs #threatintelligence #apt

Teddy / Domingo (πŸ‡¨πŸ‡΅/πŸ‡¬πŸ‡§)Nov 29, 2022
#RansomBoggs #Attacks in #Ukraine Linked To Russian Hackers. Sandworm’s linkage with the new #RansomBoggs indicates that the group is actively enhancing its toolset to make its #attacks efficient.
https://cyware.com/news/ransomboggs-attacks-in-ukraine-linked-to-russian-hackers-ddf45c03/?&web_view=true
#war #cyberwar #russia
RansomBoggs Attacks in Ukraine Linked To Russian Hackers

ESET researchers connected the Russian Sandworm APT group to a new ransomware, dubbed RansomBoggs, that has been targeting Ukrainian entities.

Cyware
Teddy / Domingo (πŸ‡¨πŸ‡΅/πŸ‡¬πŸ‡§)Nov 26, 2022
New #ransomware #attacks in #Ukraine linked to Russian #Sandworm hackers. Slovak software company ESET who first spotted this wave of #attacks, says the #ransomware they named #RansomBoggs has been found on the #networks of multiple Ukrainian organizations.
https://www.bleepingcomputer.com/news/security/new-ransomware-attacks-in-ukraine-linked-to-russian-sandworm-hackers/?&web_view=true
#cyberwar #war #Russia
New ransomware attacks in Ukraine linked to Russian Sandworm hackers

New ransomware attacks targeting organizations in Ukraine first detected this Monday have been linked to the notorious Russian military threat group known as Sandworm.

BleepingComputer
ESET ResearchNov 25, 2022
On Nov 21st #ESETResearch detected and alerted @_CERT_UA of a wave of ransomware we named #RansomBoggs, deployed in multiple organizations in UkraineπŸ‡ΊπŸ‡¦. While the malware written in .NET is new, its deployment is similar to previous attacks attributed to #Sandworm. 1/9