Skip to main content

Hersteller-News

Yanluowang Ransomware Leaks Analysis: Organization, Collaboration with HelloKitty, Babuk and Conti

28. November 2022

TrellixThe name “Yanluowang” comes from Chinese mythology (Yanluo Wang is a Chinese deity), suggesting the ransomware gang is potentially of Chinese origin. However, all the communications in the leaked chats were in Russian language and it appears that the name was chosen deliberately to masquerade as a Chinese threat actor.

The ransomware group was first discovered by Symantec back in October 2021. Yanluowang has been used in human-operated, highly targeted attacks predominantly against Western enterprises such as Cisco, Walmart and others. ...read more!