Doing some research on RANSOMBOGGS, seeing a number of open-source reports linking this activity to Sandworm due to some similarities in deployment techniques.

Has anyone seen some more concrete attribution for the originator of this strain?

Also has anyone seen it being deployed outside of Ukraine?

#threatIntel #ransomware #ransomboggs #threatintelligence #apt

#RansomBoggs #Attacks in #Ukraine Linked To Russian Hackers. Sandworm’s linkage with the new #RansomBoggs indicates that the group is actively enhancing its toolset to make its #attacks efficient.
https://cyware.com/news/ransomboggs-attacks-in-ukraine-linked-to-russian-hackers-ddf45c03/?&web_view=true
#war #cyberwar #russia

New #ransomware #attacks in #Ukraine linked to Russian #Sandworm hackers. Slovak software company ESET who first spotted this wave of #attacks, says the #ransomware they named #RansomBoggs has been found on the #networks of multiple Ukrainian organizations.
https://www.bleepingcomputer.com/news/security/new-ransomware-attacks-in-ukraine-linked-to-russian-sandworm-hackers/?&web_view=true
#cyberwar #war #Russia

On Nov 21st #ESETResearch detected and alerted @_CERT_UA of a wave of ransomware we named #RansomBoggs, deployed in multiple organizations in Ukraine🇺🇦. While the malware written in .NET is new, its deployment is similar to previous attacks attributed to #Sandworm. 1/9