CERTFR-2020-CTI-003 : ? Attacks involving the Mespinoza/Pysa ransomware (01 avril 2020)
Publié le 1 avril 2020 09:57
In the past few weeks, ANSSI became aware of cyber attacks targeting French local authorities. These attacks involved ransomwares whose use resulted in several encrypted files. The origin of these attacks is still unknown, and investigations are in progress. However, ransomware attacks are usually opportunistic and driven by a lucrative purpose.
This document aims at describing the behaviour of the intrusion set involved in these attacks, as well as providing related indicators of compromise.
DOWNLOAD THE REPORT