8Base Ransomware Update
El grupo de ransomware 8Base es relativamente nuevo, surgió a principios de 2023, pero investigaciones revelan operaciones más pequeñas en 2022. El grupo ha ganado notoriedad rápidamente por sus tácticas, técnicas agresivas y la creciente cantidad de víctimas. Atacan principalmente a pequeñas y medianas empresas (PyMEs) en diversos sectores, incluyendo servicios empresariales, finanzas, manufactura y tecnología de la información. Su actividad ha aumentado considerablemente, posicionándose como el segundo grupo con más víctimas en 30 días, después de LockBit 3.0 (SOCRadar, 2023).
El grupo de ransomware 8Base, se nutre de otros grupos de Ransomware como RansomHouse y Phobos (Puente, 2023), mejorando sus tácticas y técnicas agresivas. Realizando campañas de phishing con correos maliciosos para engañar a las víctimas a que descarguen el malware, aprovechando las vulnerabilidades del sistema para inyectar código malicioso. Su blog en la Dark Web, tiene secciones de preguntas frecuentes, normas y contacto. Haciendo similitud a una organización empresarial (SOCRadar, 2023).
A los archivos encriptados se les añade la extensión “.8base”, haciéndolos inaccesibles para las víctimas. Posteriormente, dejan una nota de rescate con instrucciones para ponerse en contacto con el grupo malicioso, para iniciar las negociaciones sobre de la desencriptación de los sistemas. El método de encriptación que utiliza el ransomware de 8Base es el AES-256.
Por otro lado, el grupo afirma tener límites éticos, como dijo el grupo malicioso en su página Web (8Base, 2024), negándose a comprometerse con grupos extremistas o a divulgar datos que violan los principios morales. Intentan legitimar sus actividades trazando una línea entre lo que perciben como hacking ético y las actividades maliciosas.
Taxonomía de ataque de MITRE ATT&CK
| Táctica | Técnica | ID MITRE ATT&CK |
| Reconnaissance | Active Scanning | T1595 |
| Reconnaissance | Phishing for Information | T1598 |
| Resource Development | Acquire Infrastructure | T1583 |
| Resource Development | Develop Capabilities | T1587 |
| Initial Access | Phishing: Spearphishing Attachment | T1566.001 |
| Execution | Command and Scripting Interpreter | T1059 |
| Execution | Native API | T1106 |
| Execution | Scheduled Task/Job | T1053 |
| Execution | Shared Modules | T1129 |
| Persistence | Boot or Logon Autostart Execution | T1547 |
| Persistence | Registry Run Keys / Startup Folder | T1547.001 |
| Persistence | Scheduled Task/Job | T1053 |
| Privilege Escalation | Boot or Logon Autostart Execution | T1547 |
| Privilege Escalation | Registry Run Keys / Startup Folder | T1547.001 |
| Privilege Escalation | Scheduled Task/Job | T1053 |
| Privilege Escalation, Defense Evasion | Token Impersonation/Theft | T1134.001 |
| Defense Evasion | Deobfuscate/Decode Files or Information | T1140 |
| Defense Evasion | Disable or Modify System Firewall | T1562.004 |
| Defense Evasion | Disable or Modify Tools | T1562.001 |
| Defense Evasion | Execution Guardrails | T1480 |
| Defense Evasion | File and Directory Permissions Modification | T1222 |
| Defense Evasion | File Deletion | T1070.004 |
| Defense Evasion | Hidden Files and Directories | T1564.001 |
| Defense Evasion | Hide Artifacts | T1564 |
| Defense Evasion | Impair Defenses | T1562 |
| Defense Evasion | Indirect Command Execution | T1202 |
| Defense Evasion | Masquerading | T1036 |
| Defense Evasion | Modify Registry | T1112 |
| Defense Evasion | Software Packing | T1027.002 |
| Defense Evasion | Virtualization/Sandbox Evasion | T1497 |
| Credential Access | Input Capture | T1056 |
| Credential Access | LSASS Memory | T1003.001 |
| Credential Access | OS Credential Dumping | T1003 |
| Discovery | File and Directory Discovery | T1083 |
| Discovery | Network Share Discovery | T1135 |
| Discovery | Process Discovery | T1057 |
| Discovery | Security Software Discovery | T1518.001 |
| Discovery | System Information Discovery | T1082 |
| Discovery | Virtualization/Sandbox Evasion | T1497 |
| Lateral Movement | Taint Shared Content | T1080 |
| Collection | Archive Collected Data | T1560 |
| Collection | Data from Local System | T1005 |
| Collection | Data Staged | T1074 |
| Collection | Input Capture | T1056 |
| Command and Control | Application Layer Protocol | T1071 |
| Command and Control | Remote Access Software | T1219 |
| Command and Control | Web Protocols | T1071.001 |
| Exfiltration | Exfiltration Over C2 Channel | T1041 |
Recomendaciones
- Mantener todos los sistemas y software actualizados para evitar vulnerabilidades.
- Tener filtros de correo electrónico y spam.
- Auditar herramientas de acceso remoto. (NIST CSF, 2024)
- Revisar logs para de ejecución de software de acceso remoto. (NIST CSF, 2024)
- Limitar estrictamente el uso de los protocolos SMB y RDP.
- Realizar auditorías de seguridad. (NIST CSF, 2024)
- Deshabilitar los servicios y procesos no requeridos para reducir los vectores de ataque. (NIST CSF, 2024)
- Concientizar a los empleados sobre los métodos de Phishing e Ingeniería social.
- Realizar copias de seguridad, respaldos o back-ups constantemente.
- Mantener los respaldos desconectados de la red de la organización, verificando constantemente la confidencialidad, integridad y disponibilidad de estos.
- Revisar continuamente los privilegios de los usuarios.
- Tener una solución EDR robusta configurada adecuadamente basada en las mejores prácticas.
- Habilitar la autenticación multifactor.
Indicadores de compromiso
| Tipo | Indicador de compromiso |
| URL | http://basemmnnqwxevlymli5bs36o5ynti55xojzvn246spahniugwkff2pad.onion/ |
| URL | hxxp[:]//dexblog45[.]xyz/statweb255/ |
| URL | hxxp[:]//sentrex219[.]xyz/777/mtx5sfN.exe |
| URL | hxxp[:]//sentrex219[.]xyz/777/skx2auB.exe |
| IP | 45.131.66[.]120 |
| IP | 45.89.125[.]136 |
| FileHash-SHA256 | 00e6061a54e469f6c957eda96a0267efded5f8a6a8d4006ea74ded74df5eb703 |
| FileHash-SHA256 | 01b2ec8085dace807c190f3f26d5e5ce45be0c0ecbd9c944303a36f323272226 |
| FileHash-SHA256 | 03666df8dd1cd6f9e05e28a0660223d514351e05a8c61179f59e9e2c5e10d471 |
| FileHash-SHA256 | 05c29b528fccf8c2793663a6725c9bf680944ffa6a26129d7aaafd1980bd034c |
| FileHash-SHA256 | 0867a5d4559cb7084765944e5ab71c67629e90a5fa15e66b7b3d47059c76cb78 |
| FileHash-SHA256 | 0c0bdd6f7e780b5bde33342e142af12d0d3b2ae40e6d5ab48a4fde3e32751a75 |
| FileHash-SHA256 | 104032d8993555a84679746069ad1f8c1365c4a27eaeec732fda76aa62da005a |
| FileHash-SHA256 | 159fa561bf9069418c5b2a33525ee12b16385f96680890a285d401b9f6781643 |
| FileHash-SHA256 | 15c9373bc7a1cc990d6caa0f3262f6c4adeff93337f642f752b64947ae50cec9 |
| FileHash-SHA256 | 2288a0c896757647538a7dab5e0c980b70b173ed36c9e6206f6701dfd4112cfb |
| FileHash-SHA256 | 25d4ec23c3618c7bdbef717c9ded9f7da560b3eb13d8d20f958fe3fbe5a1e37b |
| FileHash-SHA256 | 2673be0eb2cc75805d67cc5876b98cbbe330c73a223be23fb3b41eb447ccd1c9 |
| FileHash-SHA256 | 2704e269fb5cf9a02070a0ea07d82dc9d87f2cb95e60cb71d6c6d38b01869f66 |
| FileHash-SHA256 | 274c6ea98df4de5fc99661b0af876c3556c8a9125697efa3cbdc6fa81b80395d |
| FileHash-SHA256 | 281481eb8f1579206e55232754f47587a61bbe1460fc1f3b06157f31d214a290 |
| FileHash-SHA256 | 2a270618cf65fcfb6476269b7c7bdbae84552d15a3da3e8907425e20ace4548a |
| FileHash-SHA256 | 2a50a42d3c44e6e3890a53228cb84f6fdb17e38b31422c68b8634a06d36cc324 |
| FileHash-SHA256 | 2cfd30a7982b90be60f83fe5f4132999ac50d0d63d9681d8d50c3c8271faa34b |
| FileHash-SHA256 | 30e90f33067608e8e7f4d57fd6903adb5eccb91bf426c56569c16bf86f0d8971 |
| FileHash-SHA256 | 32a674b59c3f9a45efde48368b4de7e0e76c19e06b2f18afb6638d1a080b2eb3 |
| FileHash-SHA256 | 32b815ce14e6606e53b1ddaf39900c91f126e1d9ce9c5cab2fe825d6b2fa74d9 |
| FileHash-SHA256 | 32d1458fb5c0c08156568a658f30143786336a73dea1d76bef9becf4a55c0964 |
| FileHash-SHA256 | 33c861023479ddcaea82f2daee9d0394f304d0c33ba210f4c3c53a93cf9a474c |
| FileHash-SHA256 | 356799503f195db260e08a81d42a431b4ebd47cef94eddc96f24a0fd3e49d716 |
| FileHash-SHA256 | 3a6cfcbf9ef082d94b7a8a0050f42761e115aa3b6ff26edb6c7daf4437fe9917 |
| FileHash-SHA256 | 3cb4c0f6430f5216818c3438a18c96e7dcf5080129c9eea3f50735811c3e85eb |
| FileHash-SHA256 | 3d805293a70df3a5e1e392ee05ed7b88eda054ee97072eac5590baecfc44cb74 |
| FileHash-SHA256 | 3ec359f6ab125099db4a4f7b6ad6b17ab1411a338be932ea45aea13aad7788c8 |
| FileHash-SHA256 | 408d62cbf4789d9533230eff49b8b45c11b01fd8c8d6d65ec339725d7521a48c |
| FileHash-SHA256 | 427ac2bb816309c11b12c895787c862017d5725ed7de137b5eb10c03e89c0b8c |
| FileHash-SHA256 | 454f9058a9fd9c266782389850d6142a0d04ce9d8042bc069ccd8d90d60be6d5 |
| FileHash-SHA256 | 45dcbfbb139c81af47b6953482c2d146f5192054c29a2343019e6f1d30912ff4 |
| FileHash-SHA256 | 45de59851d68929632346d6f894dc8c1b6a5c4197db83c2e33c60631efc0b39f |
| FileHash-SHA256 | 482754d66d01aa3579f007c2b3c3d0591865eb60ba60b9c28c66fe6f4ac53c52 |
| FileHash-SHA256 | 49699985414185b85cdf0a0292dfd1fb0e7b0b4925daa165351efed6e348335a |
| FileHash-SHA256 | 4b891c6c3520d1d81e083f72d7ee9c92870ac6633f1f8419b2f50b4f90681ed6 |
| FileHash-SHA256 | 4e4c154f0500990e897ca9650eafd3c6255ba4df3b4bc620c6ba27b718278392 |
| FileHash-SHA256 | 4fd3f6a16bccb7c9d4631241b6f8ebe58515fa2c593e4c938939492615869432 |
| FileHash-SHA256 | 505bc570566804139166c0f12ea773d1c459682cc13cfca823b2ddfbd48cd2e2 |
| FileHash-SHA256 | 518544e56e8ccee401ffa1b0a01a10ce23e49ec21ec441c6c7c3951b01c1b19c |
| FileHash-SHA256 | 52661e5c4f8503541a5f361cfa8e4518f852907365e23fdfcc8472fea67df12b |
| FileHash-SHA256 | 54b3641fc695438be989a08a9dca9f2a5d1ed9d538cb83cb597a17480d580c39 |
| FileHash-SHA256 | 667dfdc8b8527599735d93ba94d5e9a30442db7c9e780f103fea07172ee8c740 |
| FileHash-SHA256 | 681f180735ec833997bea4eb26c58f9c2e39980cd0a351e0b5cd99c502b33ae8 |
| FileHash-SHA256 | 698b2a9cf9ce16f1cb5cff4576e902888cb14db7414b8e6ac4eb728f8c87d209 |
| FileHash-SHA256 | 6cb41c5e8379cc137f64c91f5aaaf88da43b3d13791f12884bedd5a81a83b8d2 |
| FileHash-SHA256 | 6e591d4815d6e7ec082696f002c843c6d9155e944a99cdd7dab3db372db6a877 |
| FileHash-SHA256 | 71bd706cc0ace3774449282a9c1de5403f8f43dad118b9fbf4fc45cf4894f8e9 |
| FileHash-SHA256 | 78732997a6c9d975b97da85fc511533d44083a9f9da60dae8393274a59b7bfce |
| FileHash-SHA256 | 790b64a5860a5069fedcb660efdffce2b5ab2195086100a6079697b662f0c198 |
| FileHash-SHA256 | 7e18ff461e3fc159c9b6634c9250600ea4c62da604885697c95d9bac794109b8 |
| FileHash-SHA256 | 8113218903975b81b22049796f201e06638595d2f6fadd82da06817bfbce85d7 |
| FileHash-SHA256 | 872ee36c064f5d9e7df3e5495c7de6aba4b26856556ba2ac124cdbb02693aa02 |
| FileHash-SHA256 | 8879a7a950a3916f5438685f994ee829a20e4c60021db73060cd078e4a72b5a7 |
| FileHash-SHA256 | 88f6a6455f92255a189526e36aeb581c95c28dc5e26357e7667f871444a336ba |
| FileHash-SHA256 | 89c65668def919cdf677df2774c5646540fee498031f7ecd5c7a6be7b62e9953 |
| FileHash-SHA256 | 8c46f85644793051b8966d2edeeccdb8416aa04289dc0803d8da90fe6c98014c |
| FileHash-SHA256 | 8f60d17bbaefd66fe94d34ea3262a1e94b0f8f0702c437d19d3e292c72f1cedc |
| FileHash-SHA256 | 917f2b461c860f2ee8aed1147094b9273931bb9ee8040d609a485ec150dc3ec0 |
| FileHash-SHA256 | 91abe280381d0faf55b521f51d16d8aa022f0cc14b1310334d4fffc3474459d4 |
| FileHash-SHA256 | 9215550ce3b164972413a329ab697012e909d543e8ac05d9901095016dd3fc6c |
| FileHash-SHA256 | 96a3909ca8917c14a7bd36839dd5abf5c9df9f69b314158e0110365113acf4bb |
| FileHash-SHA256 | 97a4d094f86b757b3fb0e189f2843a7af8d0ec43f9805214e89992528e83b5d7 |
| FileHash-SHA256 | 9d163fbffc9692a3143362c51d35d5ab52d1f209d9d5e053196c79a30e6f7acf |
| FileHash-SHA256 | 9f40b69060a52731107baec84a0c0f8a1bfc1a62e8471b9cd69509aade9cb7f1 |
| FileHash-SHA256 | 9f67b6057e5b5dc4b2ec3b370ca3062e0bed91a934b227911af2a3de17164ee5 |
| FileHash-SHA256 | a1ee84c3183521e345b17502b38621201ff6edb86db81debec25d58dec5ad96c |
| FileHash-SHA256 | a31a45f1c686c1ae2ff1733e7e7636a17010b85091b17bdf68c27543866dfca5 |
| FileHash-SHA256 | a8d2d0ceaaf6685644b228a767ea6299ea2968f7cae79dd36abf4225b8593fdd |
| FileHash-SHA256 | a91491f45b851a07f91ba5a200967921bf796d38677786de51a4a8fe5ddeafd2 |
| FileHash-SHA256 | abc4e3744b5a6b6ca367b81dabc9ff13d509d0bb5b4be6daa7d5419c57e5ea4b |
| FileHash-SHA256 | aedbddbf7494baaaf759a720d9cd17540d3c171b9cc52a02e0ef9a592bd9cd63 |
| FileHash-SHA256 | b3725e7f3a53ea398fd0136e63c9c11d8c1addc778eece2ce1ac2ca2fc9cd238 |
| FileHash-SHA256 | b3e80316dc1e01af60bcea7218ab5ebfe81432643d29ab46b22e3b11658606d5 |
| FileHash-SHA256 | b4b89828380c4781c7beafa6dce00ae38cd4adc13ad56792996e28c41def5c53 |
| FileHash-SHA256 | bab3c87cac6db1700f0a0babaa31f5cd544961d1b9ec03fd8bcdeff837fc9755 |
| FileHash-SHA256 | bcdf23bb2e1635cb6639895094f7115af7bc9d07f276507af291cd9b7124e135 |
| FileHash-SHA256 | c0539fd02ca0184925a932a9e926c681dc9c81b5de4624250f2dd885ca5c4763 |
| FileHash-SHA256 | c447b9a04d36e1a1e8560fc380dec019ec3b63506d07d0116e1ec2c28a9b1c30 |
| FileHash-SHA256 | c68d9dcd8a3038bfe7c6c008149c8792b6033e6249286e4692e16dcb2bd90d41 |
| FileHash-SHA256 | c83894f6f01a0d4a492c2e05966816e27dac6b9093f83b499b6a5b2f28b53cec |
| FileHash-SHA256 | d0604a3864899ac9bf0a07e47330b62a3e76b61335d6dac2e9b5a796b9fcc164 |
| FileHash-SHA256 | d26de80e8b561adcf33ab3f2fe29f22c6eaddfbe247dcf9028463214e0f87e90 |
| FileHash-SHA256 | d4cb20dba15d88c38c35be69fe04538b4f9bb0a12edb51ff23c0171b584edf08 |
| FileHash-SHA256 | d560b84be808a9a324b995a05686237d645248369ce04069350d5b5d979d8365 |
| FileHash-SHA256 | d7cb8a2d60e1818d0638a4c38cd6fae475dc83ab7b2bde9827ecc4e4a7ce6ed7 |
| FileHash-SHA256 | db85c5455b1adee337cf5b6728a9a4776e3645e50d0bf7ff410e34bb710cc42a |
| FileHash-SHA256 | e98c033e303e64af465b7d41d779a3780708c97822a6ebb7cf6ff3db64bc3416 |
| FileHash-SHA256 | ea6adefdd2be00d0c7072a9abe188ba9b0c9a75fa57f13a654caeaaf4c3f5fbc |
| FileHash-SHA256 | eb24adb38f36113fe71f942596c355afd59a2e83a0663daf32ae9bb30059732c |
| FileHash-SHA256 | f595f91a9966808cc85d11981e66e98043af9aeaaaa3893ef058b9a79c474f17 |
| FileHash-SHA256 | f5d99d4548470b4699b215453e9be29e48aa20616d45f704c335bd3bbe3e0a4f |
| FileHash-SHA256 | f709d1f84e4f0a845ebb4a9fb1500aa2a9fd600e97cbea32ffc3e49c1084f467 |
| FileHash-SHA256 | f909efbae3c83ae64dcd8f57e18be891df6386ca89f3a2f4c40d12ebc1913ef4 |
| FileHash-SHA256 | f9805be70bc5c750e01a82742a66e6ffa9ade0ba2f80a97cadbb8fcaeb60dda7 |
| FileHash-SHA256 | fa620f37539b2c7e53d4c06de1b680d0eab5c3a5280b89d1700e014bfd320519 |
| FileHash-SHA256 | fa7ed15708d988e7f69b5628db9481816052efea29e93f1bd274a1d76006aee6 |
| FileHash-SHA256 | fc4b14250db7f66107820ecc56026e6be3e8e0eb2d428719156cf1c53ae139c6 |
| FileHash-SHA256 | fd59543a425d2159dfadba8efd4d40178b609ef123a8bc5cf00fe3afef95623d |
| FileHash-SHA256 | e142f4e8eb3fb4323fb377138f53db66e3e6ec9e82930f4b23dd91a5f7bd45d0 |
| FileHash-SHA256 | 5BA74A5693F4810A8EB9B9EEB1D69D943CF5BBC46F319A32802C23C7654194B0 |
| FileHash-SHA256 | AFDDEC37CDC1D196A1136E2252E925C0DCFE587963069D78775E0F174AE9CFE3 |
| FileHash-SHA256 | C6BD5B8E14551EB899BBE4DECB6942581D28B2A42B159146BBC28316E6E14A64 |
| FileHash-SHA1 | 161f9a79f8197c9b5de1beb7bd4d425d5c23b45b |
| FileHash-SHA1 | 18ebb65842ccd3a1d1eeb597f2017267d47daaf9 |
| FileHash-SHA1 | 1a5e8b4435f97dfd09b764c82dba35868e792803 |
| FileHash-SHA1 | 1aa0bf6a2470de52934be70d329a3e80e00fbd0b |
| FileHash-SHA1 | 1d59046ef6c7d204e6ac74337ef534e3f9bd237c |
| FileHash-SHA1 | 2598b5fc7fe9eb38b3c3daf359b88b1c33620bd2 |
| FileHash-SHA1 | 288d8268254bf799aef8db58beb18cb35fd903a1 |
| FileHash-SHA1 | 3dd6bb5a8786eb073a6f7d26454a8ddbffbbe48f |
| FileHash-SHA1 | 480b65fe568acd420dacd4b935529f2505e94151 |
| FileHash-SHA1 | 4a8f0331abaf8f629b3c8220f0d55339cfa30223 |
| FileHash-SHA1 | 4c623160150579d349eed28bfe89a8d7db0ca550 |
| FileHash-SHA1 | 5b9da81fe47343daee836745f88b07aeb6b837e5 |
| FileHash-SHA1 | 623362fa1b8b25eb5e072db8f873486392cb464d |
| FileHash-SHA1 | 691ed7b6c4c0bdd824ede0514aacda9d7adc51f1 |
| FileHash-SHA1 | 69f4f04dac5596438421304995b6b0b373b18c60 |
| FileHash-SHA1 | 6b0a1beffe90cf58d1e442612458d18b59a852a4 |
| FileHash-SHA1 | 6ffb1e4af21e5413b07d0b4951f2dfaaba6b26b0 |
| FileHash-SHA1 | 70ef130a8f88076dc671ab9873b2a3a3c45818fc |
| FileHash-SHA1 | 73819e4af3dc2200ae5eac87df6bda9c2d502134 |
| FileHash-SHA1 | 85280eb7ee27f12c0bf05bcc424f32135254ba36 |
| FileHash-SHA1 | 8949f27465913bf475fceb5796b205429083df58 |
| FileHash-SHA1 | 93b0d892bd3fbb7d3d9efb69fffdc060159d4536 |
| FileHash-SHA1 | 97508bbbff47aa06a381ff80428b8578d4daafb5 |
| FileHash-SHA1 | 982a7c80f27f9dd71b8214e07c7beb81c13d3ec7 |
| FileHash-SHA1 | 9f70fd29900c659599155e8d758b938db00f43bd |
| FileHash-SHA1 | a0f2cc3a7fcb60f7389ee4555dbddc2ad5822c7e |
| FileHash-SHA1 | ae1bc8822e41c65caedc07dd98b0d9156e2a28cd |
| FileHash-SHA1 | aed68cfa282ec2b0f8a681153beaebe3a17d04ee |
| FileHash-SHA1 | c88fad293256bfead6962124394de4f8b97765aa |
| FileHash-SHA1 | ca2b0ca521a4af8c9ec4d58f4d86493313dee571 |
| FileHash-SHA1 | d05810943685bcd70999ff0926215f5d6fe2637a |
| FileHash-SHA1 | d3f4f66861f8bf6aae657e475bcb8222c77a2770 |
| FileHash-SHA1 | e464001902893ab6aea89b8ccfc66f9eb1d45988 |
| FileHash-SHA1 | f823f35c00580524fef34d9084721a4cea703016 |
| FileHash-SHA1 | f897bc1186540da5fa1a7a83a066fc1eb9319928 |
| FileHash-SHA1 | f992c0b6282ebdfb4a059a16142177201534a89c |
| FileHash-SHA1 | fa0d0a4139e7251fbb458d0c140e31e5c85a4e5c |
| FileHash-SHA1 | fb43ca10722faff36657c2a6962eaf859a7fdf51 |
| FileHash-SHA1 | 3D2B088A397E9C7E9AD130E178F885FEEBD9688B |
| FileHash-SHA1 | 5d0f447f4ccc89d7d79c0565372195240cdfa25f |
| FileHash-MD5 | 0f281d2506515a64082d6e774573afb7 |
| FileHash-MD5 | 1f7dd42295e1d8059c9cae2eff17109e |
| FileHash-MD5 | 20378b2c39cd589867621114dec8605a |
| FileHash-MD5 | 21511830b2cd82392852506f8d4b3c7e |
| FileHash-MD5 | 226c69fbd80993cd5f17f696aa924bcb |
| FileHash-MD5 | 23ce1ae76844de9ad9dc0307ed629bb7 |
| FileHash-MD5 | 2519f369f426e4d2cdd88290d1c25d3c |
| FileHash-MD5 | 2809e15a3a54484e042fe65fffd17409 |
| FileHash-MD5 | 34f108f02f597ef5d4a838f76bd4777d |
| FileHash-MD5 | 40a2a330dece024db63f275748eb3d7a |
| FileHash-MD5 | 41a2caf298a6de6ea55d918a83d0bfca |
| FileHash-MD5 | 42553b52c33d2b5f8a747819d0bf97d5 |
| FileHash-MD5 | 486417849d6c58436232f8b427e34bfe |
| FileHash-MD5 | 5e86e15a56455a7b230d2a934ad129a5 |
| FileHash-MD5 | 7166d39e9c1cb17e1728d316531242b1 |
| FileHash-MD5 | 77650bc339c9c420709ca447465f164b |
| FileHash-MD5 | 7e8b8c909f96c4058a7e8f7acd171a78 |
| FileHash-MD5 | 8581a33bb410c7674705ca163c6f75ad |
| FileHash-MD5 | 87d6d2488b1260e70f4042bf1f292529 |
| FileHash-MD5 | 8a62691e9921ee88ab036aba6f9e45eb |
| FileHash-MD5 | 9376f223d363e28054676bb6ef2c3e79 |
| FileHash-MD5 | 966061cecee2b65fe7149dfa1d0f2c3a |
| FileHash-MD5 | 9824d07cea51069c0042eff0e46d1ad2 |
| FileHash-MD5 | 9a675bf96cd3bcdf7e629f588e88b49e |
| FileHash-MD5 | 9bb98f2989a73a1e3d8d490669462422 |
| FileHash-MD5 | a4606bdb195bc0d59b2d105c0719432c |
| FileHash-MD5 | ac26f4cb5345a3238e6ec8415257eb0d |
| FileHash-MD5 | bca4f45fd63e9b7a8fb82ca92de246a2 |
| FileHash-MD5 | c2317e46c10621501b8fb1022136b0c3 |
| FileHash-MD5 | cb0f99306d05042b8b3db064ac3489b9 |
| FileHash-MD5 | cca022895c5d2610d71c2cb14c303cb5 |
| FileHash-MD5 | e244628c750d40509ef2e3e72e4c2049 |
| FileHash-MD5 | e2c05722293b07319cfd5bb1fef74f44 |
| FileHash-MD5 | e4df7aae07ed40a1768015b33548b63b |
| FileHash-MD5 | e59ffeaf7acb0c326e452fa30bb71a36 |
| FileHash-MD5 | ecdf7acb35e4268bcafb03b8af12f659 |
| FileHash-MD5 | fe2d1879880466e24e76d8d0963feb93 |
| FileHash-MD5 | ff230f8ca501e06feedd202b40879e2b |
| FileHash-MD5 | 20110FF550A2290C5992A5BB6BB44056 |
| FileHash-MD5 | 9769c181ecef69544bbb2f974b8c0e10 |
| Dominio | admhexlogs25[.]xyz |
| Dominio | admlog2[.]xyz |
| Dominio | admlogs25[.]xyz |
| Dominio | blogstat355[.]xyz |
| Dominio | blogstatserv25[.]xyz |
| Dominio | dexblog[.]xyz |
| Dominio | dnm777[.]xyz |
| Dominio | serverlogs37[.]xyz |
| Dominio | wlaexfpxrs[.]org |
| Dominio | advfiberglass.com |
| Dominio | akin-law.com |
| Dominio | ampladivisorias.com.br |
| Dominio | anesco.com |
| Dominio | anlpackaging.fr |
| Dominio | aspectengineers.com |
| Dominio | bahamasmed.com |
| Dominio | basemmnnqwxevlymli5bs36o5ynti55xojzvn246spahniugwkff2pad.onion |
| Dominio | bibliotheekgouda.com |
| Dominio | bluesage.com |
| Dominio | btu-sa.com |
| Dominio | cabra.ca |
| Dominio | cahayabentengmas.co.id |
| Dominio | cashcall.com |
| Dominio | chanandassociates.ca |
| Dominio | chinformatica.ch |
| Dominio | citelis.com.mx |
| Dominio | clearmedi.in |
| Dominio | clonarte.com.br |
| Dominio | constructiowa.com |
| Dominio | cpaadvisorsgroup.com |
| Dominio | crowd.pt |
| Dominio | cybermaritimes.com |
| Dominio | danbury.k12.ct.us |
| Dominio | declatra.adv.br |
| Dominio | delaneybrowne.co.uk |
| Dominio | dental1.com.au |
| Dominio | draje.ir |
| Dominio | dv8techgroup.com |
| Dominio | ejmrefrigeration.co.uk |
| Dominio | exbon.com |
| Dominio | facet-purolator.com |
| Dominio | fafoundry.com |
| Dominio | fansipan.com.vn |
| Dominio | fennpest.com |
| Dominio | fernmoorhomes.com |
| Dominio | files.dp.ua |
| Dominio | futuraagro.com.br |
| Dominio | harriseyecareofdavison.com |
| Dominio | hfhcapital.com |
| Dominio | hoosickfallscsd.org |
| Dominio | hornbill.com |
| Dominio | inde.gob.gt |
| Dominio | infosalons.ae |
| Dominio | jacklett.com |
| Dominio | jadranka.hr |
| Dominio | kebs.org |
| Dominio | kerseygov.com |
| Dominio | kevills.co.uk |
| Dominio | keystoneinsuranceservices.com |
| Dominio | klmlab.com |
| Dominio | kreacta.com |
| Dominio | ksmedcenter.com |
| Dominio | lawhouse.ca |
| Dominio | legalilavoro.it |
| Dominio | ligasgerais.com.br |
| Dominio | loongson.cn |
| Dominio | lssa.org.za |
| Dominio | luzboa.pt |
| Dominio | lysandershipping.com |
| Dominio | mensalus.es |
| Dominio | milkentravel.com |
| Dominio | mirandacustomsbrokerage.com |
| Dominio | newcenturyadvisors.com |
| Dominio | ntdetect.com |
| Dominio | pdeconsultores.es |
| Dominio | petkusbrothers.com |
| Dominio | pinnacletpa.com |
| Dominio | pneumaxspa.com |
| Dominio | polanglo.pl |
| Dominio | portbluehotels.com |
| Dominio | porter-roofing.com |
| Dominio | printglobe.com |
| Dominio | quikcard.com |
| Dominio | revpl.lt |
| Dominio | rexsdata.pro |
| Dominio | rlbayless.com |
| Dominio | robertopolizzi.com.br |
| Dominio | royaloakpetclinic.com |
| Dominio | satcommarketing.com |
| Dominio | sidermanlaw.com |
| Dominio | sinttelmg.org.br |
| Dominio | skyroot.in |
| Dominio | slocoe.org |
| Dominio | specta.com.pg |
| Dominio | sportsmedicineoregon.com |
| Dominio | stonefoxventures.com |
| Dominio | studioranchino.com |
| Dominio | sydenhamlab.com |
| Dominio | techcert.com.br |
| Dominio | telepizza.es |
| Dominio | theinjurylawyermd.com |
| Dominio | the-mbsgroup.com |
| Dominio | toyotaliftne.com |
| Dominio | traffic-tech.com |
| Dominio | transprensa.com |
| Dominio | varnapackaging.com |
| Dominio | venturedrillingsupply.com |
| Dominio | whk-schleswig.de |
| Dominio | wyler.com |
Referencias
- Zoltan, M. (2024, 23 febrero). 8Base Ransomware Breaches C&J Industries. Privacy Affairs. Recuperado el 5 de marzo de 2024 en: https://www.privacyaffairs.com/8base-ransomware-breaches-cj-industries/
- SC Magazine (2024, 8 febrero). Akira, 8Base dominate newly emergent ransomware gangs. SC Media. Recuperado el 5 de marzo de 2024 en: https://www.scmagazine.com/brief/akira-8base-dominate-newly-emergent-ransomware-gangs
- Snyder, B., Carlisle, F., Behling, D., Beathley, B. (2023, 28 junio). 8Base Ransomware: A Heavy Hitting Player. VMWare Security Blog. Recuperado el 5 de marzo de 2024 en: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player.html
- SOCRadar. (2023, 27 julio). Dark Web Profile: 8Base Ransomware. SOCRadar. Recuperado el 5 de marzo de 2024 en: https://socradar.io/dark-web-profile-8base-ransomware/
- Puente, B. (2023, 06 diciembre). 8BASE RANSOMWARE. Alestra CSIRT. Recuperado el 5 de marzo de 2024 en: https://csirt.axtel.com.mx/blog/post/128x
- NIST CFS. (2024, febrero 26). NIST Releases Version 2.0 of Landmark Cybersecurity Framework. NIST. Recuperado el 5 de marzo de 2024 en: https://www.nist.gov/news-events/news/2024/02/nist-releases-version-20-landmark-cybersecurity-framework
