Security News > 2021 > October > Broadcom Software's Symantec Threat Hunter Team discovers first-of-its-kind ransomware
The new ransomware family, called Yanluowang, appears to still be under development and lacks some sophisticated features found in similar code.
The Symantec Threat Hunter Team at Broadcom Software has discovered what appears to be a brand new family of ransomware named after the Chinese deity that judges the souls of the dead. Yanluowang is the perfect ransomware for the Halloween season, though this particular malevolent digital spirit lacks the subtlety and sophistication of some of its more established brethren.
It's unknown where Yanluowang came from, who's behind it or if it has been used in any attacks other than the one that Symantec responded to against an unnamed "Large organization." Among the files it obtained was code that Symantec said seemed to come from an underdeveloped ransomware family, and they were clued in by some suspicious use of the Active Directory query tool AdFind.
Once installed, the Yanluowang ransomware itself stops all hypervisor VMS running on a compromised machine, ends processes listed in the.
Ransomware isn't a problem set to go away anytime soon.
It'll only get worse as ransomware actors become better at writing code and exploiting vulnerabilities.
News URL
Related news
- Broadcom builds a SASE out of VMware VeloCloud and Symantec (source)
- Major shifts in identity, ransomware, and critical infrastructure threat trends (source)
- BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks (source)
- Asia-Pacific Ransomware Threats Depend on Country and Sector, Says Rapid7 (source)