Куда я попал?
Playcrypt
Playcrypt is a ransomware that has been used by Play since at least 2022 in attacks against against the business, government, critical infrastructure, healthcare, and media sectors in North America, South America, and Europe. Playcrypt derives its name from adding the .play extension to encrypted files and has overlap with tactics and tools associated with Hive and Nokoyawa ransomware and infrastructure associated with Quantum ransomware.(Citation: Microsoft PlayCrypt August 2022)(Citation: CISA Play Ransomware Advisory December 2023)(Citation: Trend Micro Ransomware Spotlight Play July 2023)
ID: S1162
Associated Software: Play
Type: MALWARE
Platforms: Windows
Created: 25 Sep 2024
Last Modified: 02 Oct 2024
Associated Software Descriptions |
|
| Name | Description |
|---|---|
| Play | (Citation: CISA Play Ransomware Advisory December 2023)(Citation: Trend Micro Ransomware Spotlight Play July 2023) |
Groups That Use This Software |
||
| ID | Name | References |
|---|---|---|
| G1040 | Play |
(Citation: CISA Play Ransomware Advisory December 2023) (Citation: Trend Micro Ransomware Spotlight Play July 2023) |
References
- CISA. (2023, December 18). #StopRansomware: Play Ransomware AA23-352A. Retrieved September 24, 2024.
- Microsoft Security Intelligence. (2022, August 27). Ransom:Win32/PlayCrypt.PA. Retrieved September 24, 2024.
- Trend Micro Research. (2023, July 21). Ransomware Spotlight: Play. Retrieved September 24, 2024.
Мы используем cookie-файлы, чтобы получить статистику, которая помогает нам улучшить сервис для вас с целью персонализации сервисов и предложений. Вы может прочитать подробнее о cookie-файлах или изменить настройки браузера. Продолжая пользоваться сайтом, вы даёте согласие на использование ваших cookie-файлов и соглашаетесь с Политикой обработки персональных данных.