 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: HermeticRansom| Names | HermeticRansom PartyTicket Elections GoRansom SonicVote | |
| Category | Malware | |
| Type | Ransomware | |
| Description | (Kaspersky) On February 24, 2022, Avast Threat Research published a tweet announcing the discovery of new Golang ransomware, which they called HermeticRansom. This malware was found around the same time the HermeticWiper was found, and based on publicly available information from security community it was used in recent cyberattacks in Ukraine. The new ransomware was likely used as a smokescreen for the HermeticWiper attack due to its non-sophisticated style and poor implementation. | |
| Information | <https://securelist.com/elections-goransom-and-hermeticwiper-attack/105960/> <https://www.welivesecurity.com/2022/03/01/isaacwiper-hermeticwizard-wiper-worm-targeting-ukraine/> <https://www.sentinelone.com/labs/hermetic-wiper-ukraine-under-attack/> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.partyticket> | |
| Playbook | <https://www.bleepingcomputer.com/news/security/free-decryptor-released-for-hermeticransom-victims-in-ukraine/> | |
Last change to this tool card: 27 December 2022
Download this tool card in JSON format
Previous: Hermes
Next: HermeticWiper
| Changed | Name | Country | Observed | ||
Unknown groups | |||||
| _[ Interesting malware not linked to an actor yet ]_ | |||||
1 group listed (0 APT, 0 other, 1 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |