Security News > 2021 > October > New Yanluowang ransomware used in targeted enterprise attacks
A new and still under development ransomware strain is being used in highly targeted attacks against enterprise entities as Broadcom's Symantec Threat Hunter Team discovered.
The malware, dubbed Yanluowang ransomware based on the extension it adds to encrypted files on compromised systems.
Within days of the researchers spotting the suspicious AdFind use, the attackers also attempted to deploy their Yanluowang ransomware payloads across the breached organization's systems.
On encrypted systems, Yanluowang also drops a ransom note named README.txt that warns its victims not to reach out to law enforcement or ask ransomware negotiation firms for help.
"If the attackers' rules are broken the ransomware operators say they will conduct distributed denial of service attacks against the victim, as well as make 'calls to employees and business partners'," the Broadcom researchers added.
After the ransomware attacks on Colonial Pipeline and JBS this summer, Deputy National Security Advisor Anne Neuberger also told U.S. businesses to take ransomware seriously.
News URL
Related news
- Preventing the next ransomware attack with help from AI (source)
- Ransomware on ESXi: The mechanization of virtualized attacks (source)
- OneBlood confirms personal data stolen in July ransomware attack (source)
- Enzo Biochem settles lawsuit over 2023 ransomware attack for $7.5M (source)
- Medusa ransomware group claims attack on UK's Gateshead Council (source)
- Ransomware attack forces Brit high school to shut doors (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Security pros more confident about fending off ransomware, despite being battered by attacks (source)
- Only 13% of organizations fully recover data after a ransomware attack (source)
- Ransomware attack at New York blood services provider – donors turned away during shortage crisis (source)