From dac054e53651a9c8e22d0661d3d2553505f1d729 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Tue, 13 Aug 2024 10:13:03 +0200 Subject: [PATCH] chg: [ransomware] updated --- clusters/ransomware.json | 71 +++++++++++++++++++++++++++++++++++++--- 1 file changed, 66 insertions(+), 5 deletions(-) diff --git a/clusters/ransomware.json b/clusters/ransomware.json index 4d5aa8b..b75a5cc 100644 --- a/clusters/ransomware.json +++ b/clusters/ransomware.json @@ -27544,6 +27544,7 @@ "value": "Lilith" }, { + "description": "", "meta": { "links": [ "http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion/", @@ -27609,7 +27610,36 @@ "http://lockbit7a2g6ve7etbcy6iyizjnuleffz4szgmxaawcbfauluavi5jqd.onion", "http://lockbitaa46gwjck2xzmi2xops6x4x3aqn6ez7yntitero2k7ae6yoyd.onion", "http://lockbitb42tkml3ipianjbs6e33vhcshb7oxm2stubfvdzn3y2yqgbad.onion", - "http://lockbitcuo23q7qrymbk6dsp2sadltspjvjxgcyp4elbnbr6tcnwq7qd.onion" + "http://lockbitcuo23q7qrymbk6dsp2sadltspjvjxgcyp4elbnbr6tcnwq7qd.onion", + "http://lockbitffcjqi2wpwhjgubkjihhc7seaujqgzscvwvdiftunl6hn5oyd.onion", + "http://lockbitehorki5kh6s3n27hi3serhzr7htlshfqyg5ex32dyr5efhfyd.onion", + "http://lockbitdzjxsgyacnmfte6nfgqfcyhedkduimi4tsajvrwi4ljbos7id.onion", + "http://lockbitbtdk33k75rsl6uhn6bewd5g6z3hp42z6vb2hfk54oja55h7id.onion", + "http://lockbitb63zs7f4rdjcsn2etkqaswurk6hh55sa2ojeilxcnwf6qbkqd.onion", + "http://lockbit7xn7nqc5f5gfhv6qrf46xh65lscuzctwnmomthcigu2m3tad.onion", + "http://lockbit7bb4b6n27feok2rc7ri75udaqkfppjvtkxlwh7qldygbopmad.onion", + "http://lockbit4r3ly63w22jhkg33emtqwxw436wkftosscvdal2prdlwzknyd.onion", + "http://lockbit3hdu7e4sv3ecg6mmqmeihjcizebcxic6t4eqwar6f2e7rxpad.onion", + "http://lockbit3753ekiocyo5epmpy6klmejchjtzddoekjlnt6mu3qh4de2id.onion/pgp.txt", + "http://lbb47q2f7nzeatj6mxppuk7bhnvwu23mf6pfuywxcz57dwnzl6z3ksqd.onion/", + "http://lbb6ud2vyf23z4hw6fzskr5gru7eftbjfbd6yzra3hzuqqvjy63blqqd.onion/", + "http://lbb2llze7ab4rnq4jumsy4ihsqzpuysaofpz2e43foocwmrzsokumqid.onion/", + "http://lbb5cnqexve2wg6acbfyohkzeijflpqmgijx5ksyvu4aljv27r2lgiid.onion/", + "http://lbbchnkrhkjtltjunmqsbw32bbblsd5bd2pqywtt2bex4bjmo5ry2iqd.onion/", + "http://lbbellr6aq4kuchzy44pmimszfd4di4fslez765ux4kse3o4lxcnpgid.onion/", + "http://lbbuxq57hyskobn5xwtw26rkq4wyvttory6k7pio2lv5adeopeezv6ad.onion/", + "http://lbbvhambmct5s4rpf2b65mrnqynhpn4hksq47io2wow5cjtv3xmsypid.onion/", + "http://lbbw6uqp2te2f323ltn2fgwl5tu5cr3udoj3ik2obdtr5367skuh4cid.onion/", + "http://lbbw7j6si6k2bzxd4tzvesoijfjtr4pa6awqie63rmkpql7hmu6tqnqd.onion/", + "http://lbbxv6nlojheut6th4nqwpabr4gtksm7y7f4c52ubvvvumydpo4dmryd.onion/", + "http://lbbzlychkbilhjsw5hhuvk7zk4axdffy3nvel3zaqwnuo2d4nlqqkeyd.onion/", + "http://lbbzme4ctvcgzo5lq7jvcdy2v2cs6hrlgihsmylfddprzqptm6ywhhyd.onion/", + "http://lbbfsazjqqwvtq2ckhm53kfmvsy7c6sdci3uy6qui4lv66aeef7hhpad.onion/", + "http://lbbgv7wsi6bpguvjbu6omdgwzllqm5tvdo65do2q7vw4er7aqrnjmtad.onion/", + "http://lbbjmbkvw3yurmnazwkbj5muyvw5dd6y7hyxrus23y33qiqczclrnbyd.onion/", + "http://lbbpoq6d2jglpw7dxarr6oaakgnlxt5nmrza5ojlufsuffuzexajsuyd.onion/", + "http://lbbp2rsfcmg5durpwgs22wxrdngsa4wiwmc4xk6hgmuluy6bvbvvtlid.onion/", + "http://lbbov7weoojwnqytnjqygmglkwtim5dvyw3xvoluk5ostz75ofd6enqd.onion/" ], "refs": [ "https://threatpost.com/lockbit-ransomware-proliferates-globally/168746", @@ -29049,7 +29079,8 @@ { "meta": { "links": [ - "http://p66slxmtum2ox4jpayco6ai3qfehd5urgrs4oximjzklxcol264driqd.onion/index.html" + "http://p66slxmtum2ox4jpayco6ai3qfehd5urgrs4oximjzklxcol264driqd.onion/index.html", + "http://nsalewdnfclsowcal6kn5csm4ryqmfpijznxwictukhrgvz2vbmjjjyd.onion/" ], "refs": [ "https://www.ransomlook.io/group/dunghill" @@ -29190,7 +29221,9 @@ { "meta": { "links": [ - "https://handala.to/" + "https://handala.to/", + "http://handala-hack.to", + "http://vmjfieomxhnfjba57sd6jjws2ogvowjgxhhfglsikqvvrnrajbmpxqqd.onion" ], "refs": [ "https://www.ransomlook.io/group/handala" @@ -29438,7 +29471,8 @@ "meta": { "links": [ "http://e27z5kd2rjsern2gpgukhcioysqlfquxgf7rxpvcwepxl4lfc736piyd.onion", - "http://cybertube.video/web/index.html#!/details?id=0c3b52f6e73709725dc6e12b30b139d9&serverId=2be5e68176ff4f8fbb930fe66321ab72" + "http://cybertube.video/web/index.html#!/details?id=0c3b52f6e73709725dc6e12b30b139d9&serverId=2be5e68176ff4f8fbb930fe66321ab72", + "http://e27z5kd2rjsern2gpgukhcioysqlfquxgf7rxpvcwepxl4lfc736piyd.onion/back/getallblogs" ], "refs": [ "https://www.ransomlook.io/group/dispossessor" @@ -29534,7 +29568,34 @@ }, "uuid": "c3fbd8c2-936c-580c-9290-a07ab86fa968", "value": "ransomcortex" + }, + { + "meta": { + "links": [ + "http://lynxblog.net/", + "http://lynxbllrfr5262yvbgtqoyq76s7mpztcqkv6tjjxgpilpma7nyoeohyd.onion/leaks", + "http://lynxch2k5xi35j7hlbmwl7d6u2oz4vp2wqp6qkwol624cod3d6iqiyqd.onion/login", + "http://lynxblog.net/leaks" + ], + "refs": [ + "https://www.ransomlook.io/group/lynx" + ] + }, + "uuid": "e0f85dfe-6d9f-5e64-ae8e-1cb4aa6ccc31", + "value": "lynx" + }, + { + "meta": { + "links": [ + "http://nv4addu4insb7x6aagdv6r5gvxzczgfje7mmecsjonnrvsq7ulevvfid.onion" + ], + "refs": [ + "https://www.ransomlook.io/group/rtm locker" + ] + }, + "uuid": "5cc68850-aeb0-507f-a981-9457bcf37c0c", + "value": "rtm locker" } ], - "version": 129 + "version": 130 }