Merge branch 'master' of https://github.com/MISP/misp-galaxy

2024-11-22 23:07:19 +00:00 · 2019-06-12 09:20:38 +02:00 · 2019-06-12 09:20:38 +02:00 · 01fade422f
commit 01fade422f
parent 1ba7f19ca2 8c69da1fd9
2 changed files with 25 additions and 2 deletions
--- a/clusters/branded_vulnerability.json
+++ b/clusters/branded_vulnerability.json
@ -184,5 +184,5 @@
      "value": "BlueKeep"
    }
  ],
-  "version": 3
+  "version": 4
 }
--- a/clusters/ransomware.json
+++ b/clusters/ransomware.json
@ -13449,7 +13449,30 @@
      },
      "uuid": "24bd9a4b-2b66-428b-8e1c-6b280b056c00",
      "value": "Sodinokibi"
+    },
+    {
+      "description": "Phobos exploits open or poorly secured RDP ports to sneak inside networks and execute a ransomware attack, encrypting files and demanding a ransom be paid in bitcoin for returning the files, which in this case are locked with a .phobos extension.",
+      "meta": {
+        "payment-method": "Bitcoin",
+        "refs": [
+          "https://www.zdnet.com/article/new-phobos-ransomware-exploits-weak-security-to-hit-targets-around-the-world/"
+        ]
+      },
+      "uuid": "6cfa554a-1e1b-327a-605f-025d761570b1",
+      "value": "Phobos"
+    },
+    {
+      "description": "A new ransomware is in the dark market which encrypts all the files on the device and redirects victims to the RIG exploit kit.",
+      "meta": {
+        "payment-method": "Bitcoin",
+        "price": "300 $",
+        "refs": [
+          "https://www.ehackingnews.com/2019/05/getcrypt-ransomware-modus-operandi-and.html"
+        ]
+      },
+      "uuid": "6cfa553a-1e1b-115a-401f-015d681470b1",
+      "value": "GetCrypt"
    }
  ],
-  "version": 62
+  "version": 64
 }