Ransomware Roundup (April 29, 2024)

May 1, 2024, 11:06 p.m.

Description

This concise report provides insights into the evolving ransomware landscape, covering the KageNoHitobito and DoNex variants. It analyzes their infection vectors, victimology, attack methods, and associated indicators of compromise (IoCs). The report also highlights Fortinet's protections against these threats and offers guidance on best practices for incident response and ransomware prevention.

Date

Published: April 29, 2024, 6:21 p.m.

Created: April 29, 2024, 6:21 p.m.

Modified: May 1, 2024, 11:06 p.m.

Indicators

8a10e0dc4994268ea33baecd5e89d1e2ddabef30afa09961257a4329669e857a

8939bfe20bc6476806d22c8edfcaba5c36f936b893b3de1c847558502654c82f

74b5e2d90daaf96657e4d3d800bb20bf189bb2cf487479ea0facaf6182e0d1d3

0e60d49a967599fab179f8c885d91db25016be996d66a4e00cbb197e5085efa4

1940fcdb2561c2f7b82f6c44d22a9906e5ffec2438d5dadfe88d1608f5f03c33

0adde4246aaa9fb3964d1d6cf3c29b1b13074015b250eb8e5591339f92e1e3ca

6d6134adfdf16c8ed9513aba40845b15bd314e085ef1d6bd20040afd42e36e40

Attack Patterns

KageNoHitobito

DarkRace

DoNex

KageNoHitobito and DoNex

T1578

T1490

T1137

T1018

T1489

T1486

T1070

T1105

T1083

T1071

T1204

T1027

T1053

T1059

Additional Informations

Sweden

Cuba

Chile

Belgium

Iran, Islamic Republic of

Lithuania

Taiwan

China

Netherlands

Italy

Peru

Germany

Romania

United Kingdom of Great Britain and Northern Ireland

United States of America