• Latest
  • Trending
Yanluowang Ransomware Now Targeting US Companies

Yanluowang Ransomware Now Targeting US Companies

December 2, 2021
iOS 15.5 arrives ahead of Apple’s annual developer conference

iOS 15.5 arrives ahead of Apple’s annual developer conference

May 17, 2022
Researchers devise iPhone malware that runs even when device is turned off

Researchers devise iPhone malware that runs even when device is turned off

May 17, 2022
AMD Ryzen 7000 “Phoenix” APUs with RDNA3 Graphics to 3D V-Cache

AMD Ryzen 7000 “Phoenix” APUs with RDNA3 Graphics to 3D V-Cache

May 17, 2022
Huawei holds maiden ICT to develop 100,000 ICT Talents through LEAP in Ghana

Huawei holds maiden ICT to develop 100,000 ICT Talents through LEAP in Ghana

May 17, 2022
Nokia Moves HR Functions to Oracle Fusion Cloud HCM

Nokia Moves HR Functions to Oracle Fusion Cloud HCM

May 17, 2022
Ericsson and Turkcell Perform Turkey’s First 5G Connected Mobile Robot Demo

Ericsson and Turkcell Perform Turkey’s First 5G Connected Mobile Robot Demo

May 17, 2022
Relativity and ENSafrica to Help Expand the African Cloud Capabilities

Relativity and ENSafrica to Help Expand the African Cloud Capabilities

May 17, 2022
MTN Nigeria Adopts LigaData’s Time Machine

MTN Nigeria Adopts LigaData’s Time Machine

May 17, 2022
NVIDIA Certifies NetApp EF600 For DGX SuperPOD

NVIDIA Certifies NetApp EF600 For DGX SuperPOD

May 17, 2022
PNY Announced XLR8 DDR5-6000 MAKO RGB Memory Kits

PNY Announced XLR8 DDR5-6000 MAKO RGB Memory Kits

May 17, 2022
V-Color Manta XPrism RGB SCC DDR5-6200 CL36 2x 16 GB

V-Color Manta XPrism RGB SCC DDR5-6200 CL36 2x 16 GB

May 17, 2022
WD Announces WD Black SN850X and P40 Game Drive

WD Announces WD Black SN850X and P40 Game Drive

May 17, 2022
  • Consumer Watch
  • Kids Page
  • Directory
  • Events
  • Reviews
Tuesday, 17 May, 2022
  • Login
itechnewsonline.com
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion
Subscription
Advertise
No Result
View All Result
itechnewsonline.com
No Result
View All Result

Yanluowang Ransomware Now Targeting US Companies

by ITECHNEWS
December 2, 2021
in Opinion
0 0
0
Yanluowang Ransomware Now Targeting US Companies

A new ransomware family appears to be making the rounds. Symantec, a division of Broadcom Software, says it’s found evidence of the Yanluowang ransomware being used against US companies since at least August.

Symantec revealed the Yanluowang ransomware family in October after it was used against “a large organization.” Now it says Yanluowang’s operators “have been heavily focused on organizations in the financial sector but have also targeted companies in the manufacturing, IT services, consultancy, and engineering sectors.”

YOU MAY ALSO LIKE

How Encryption Helps Restore Cloud Security Integrity

Penetration Testing vs. Vulnerability Assessments

The company also says that Yanluowang attacks rely on similar tactics, techniques, and procedures to attacks conducted with the Thieflock ransomware-as-a-service. It suspects that attacks involving Yanluowang are being conducted by a former affiliate of Thieflock based on these similarities between attacks involving both families:

  • Use of custom password recovery tools such as GrabFF and other open-source password dumping tools
  • Use of open-source network scanning tools (SoftPerfect Network Scanner)
  • Use of free browsers, such as s3browser and Cent browser

These similarities don’t necessarily prove that Yanluowang and Thieflock are being used by the same threat actor, however, and Symantec says the link between the two is “tentative.” Mandiant principal threat analyst Tyler McLellan, who co-authored a report on the groupbelieved to be responsible for Thieflock in April, tweeted:

Interesting link, but FOXGRABBER (grabff) first observed used by UNC2447 during FIVEHANDS ransomware ops seems to be getting shared around, even UNC2628 (DARKSIDE affiliate) used it as well. NETSCAN is usually the same pirated license keys floating around. https://t.co/KTtkGYvSB9

— Tyler McLellan (@tylabs) November 30, 2021

Symantec says that Yanluowang attacks typically involve an initial reconnaissance phase followed by credential harvesting, data exfiltration, and finally the encryption of the victim’s files. The report from October says the ransom note also includes a threat of distributed denial-of-service attacks and “calls to employees and business partners.”

By Nathaniel Mott

ShareTweetShare

Get real time update about this post categories directly on your device, subscribe now.

Unsubscribe

Search

No Result
View All Result

Recent News

iOS 15.5 arrives ahead of Apple’s annual developer conference

iOS 15.5 arrives ahead of Apple’s annual developer conference

May 17, 2022
Researchers devise iPhone malware that runs even when device is turned off

Researchers devise iPhone malware that runs even when device is turned off

May 17, 2022
AMD Ryzen 7000 “Phoenix” APUs with RDNA3 Graphics to 3D V-Cache

AMD Ryzen 7000 “Phoenix” APUs with RDNA3 Graphics to 3D V-Cache

May 17, 2022

About What We Do

itechnewsonline.com

We bring you the best Premium Tech News.

Recent News With Image

iOS 15.5 arrives ahead of Apple’s annual developer conference

iOS 15.5 arrives ahead of Apple’s annual developer conference

May 17, 2022
Researchers devise iPhone malware that runs even when device is turned off

Researchers devise iPhone malware that runs even when device is turned off

May 17, 2022

Recent News

  • iOS 15.5 arrives ahead of Apple’s annual developer conference May 17, 2022
  • Researchers devise iPhone malware that runs even when device is turned off May 17, 2022
  • AMD Ryzen 7000 “Phoenix” APUs with RDNA3 Graphics to 3D V-Cache May 17, 2022
  • Huawei holds maiden ICT to develop 100,000 ICT Talents through LEAP in Ghana May 17, 2022
  • Home
  • InfoSec
  • Opinion
  • Africa Tech
  • Data Storage

© 2021 iTechNewsOnline.Com - Powered by BackUpDataSystems

No Result
View All Result
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion

© 2021 iTechNewsOnline.Com - Powered by BackUpDataSystems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?
Go to mobile version