Cybercriminals are distributing a new form of ransomware in attacks in which they not only encrypt the victim’s network but also threaten to launch distributed denial of service (DDoS) attacks and to harass employees and business partners if a ransom isn’t paid.
Dubbed Yanluowang, the ransomware was uncovered by cybersecurity researchers in Broadcom Software’s Symantec Threat Hunter team while they were investigating an attempted cyberattack against a large undisclosed organization.
While the attempted attack wasn’t successful, the investigation revealed a new form of ransomware. It also provided insight into how some cybercriminals are attempting to make attacks more effective — in this case, with the threat of additional attacks.
Yanluowang drops a ransom note that tells victims they’ve been infected with ransomware and instructs them to message a contact address to negotiate a ransom payment. The note warns victims not to contact the police, FBI or authorities, and not to contact a cybersecurity company; it’s implied that if the victim does this, they won’t get their data back.
But the cybercriminals behind Yanluowang go even further with their threats, suggesting that if the victim calls in outside help, they’ll launch