Secplicity Blog

Entry: https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/hakuna-matata-17 Hakuna Matata is a Swahili phrase meaning "there are no worries" (Hakuna = there are no; Matata = worries). It's popularized by the Disney movie The Lion King, performed by Timon and Pumbaa. However, native…

Entry: https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/bagli Bagli is commonly called Bagli Wiper because it doesn't actually encrypt files; it overrides the file's bytes with the Random() function (.NET). Therefore, it's technically not ransomware; it's pseudo-ransomware as a wiper…

Entry: https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/mike-tyson Mike Tyson ransomware, dubbed "Tyson" for short, is a variant of the Chaos ransomware family and obviously refers to the boxer Mike Tyson. Derivatives of Chaos are created using the Chaos Ransomware builders, of which…

Entry: https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/azzasec AzzaSec (AzzaSecurity) is both the name of the ransomware and of an Italian hacktivist group. That is based on research from Threatmon, which wrote an extensive report on this ransomware and its members. The other two…

Entry: https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/anonymous Anonymous ransomware is built from the NoCry ransomware builder, based on the infamous WannaCry ransomware. This is evident from the debug string in the discovered sample (C:\Users\Anonymous\Desktop\NoCry Builder +…

Entry: https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/ghoshacker GhosHacker, which is seemingly a misspelling of GhostHacker based on the ransom note dropped with the same name—GhostHacker.exe—is a crypto-ransomware built from the NoCry ransomware builder. This allegation comes from…