S.G.D.S.N
Agence nationale
de la sécurité des
systèmes d'information
Paris, le 01 avril 2020
N° CERTFR-2020-CTI-003
Affaire suivie par: CERT-FR
le 01 avril 2020

Rapport Menaces et Incidents du CERT-FR

Objet: 🇬🇧 Attacks involving the Mespinoza/Pysa ransomware

Gestion du document

Référence CERTFR-2020-CTI-003
Titre 🇬🇧 Attacks involving the Mespinoza/Pysa ransomware
Date de la première version 01 avril 2020
Date de la dernière version 01 avril 2020
Source(s)
Pièce(s) jointe(s) Aucune(s)
Tableau 1: Gestion du document

Une gestion de version détaillée se trouve à la fin de ce document.

French version: 🇫🇷

 

In the past few weeks, ANSSI became aware of cyber attacks targeting French local authorities. These attacks involved ransomwares whose use resulted in several encrypted files. The origin of these attacks is still unknown, and investigations are in progress. However, ransomware attacks are usually opportunistic and driven by a lucrative purpose.

This document aims at describing the behaviour of the intrusion set involved in these attacks, as well as providing related indicators of compromise.

 

DOWNLOAD THE REPORT

Gestion détaillée du document

    le 01 avril 2020
    English version