April 26, 2022

Kaspersky Releases Decryptor for Yanluowang Ransomware

Industry: N/A | Level: Strategic | Source: Securelist

Kaspersky has identified a vulnerability in Yanluowang ransomware and provided a free decryptor for the malware. Yanluowang ransomware is a relatively new strain of ransomware observed in August 2021. The ransomware has targeted victims in the United States, Brazil, Turkey, and other countries. Few victims have come forward and the victim count is suspected to be low due to the targeted nature of the ransomware group’s campaigns. As shared from Kaspersky using publicly collected information, “it is only used in targeted attacks rather than in other RaaS families. Yanluowang itself needs parameters to be executed in the system, meaning it will be executed either manually or through a combination of scripts in the compromised system.”