UPDATE – LETSDANCE RANSOMWARE CAMPAIGN

Published On : 2018-07-30
Share :
UPDATE – LETSDANCE RANSOMWARE CAMPAIGN

Over the last 24 hours, we have gathered additional indicators around LetsDance Ransomware.

Antuit Cyber Intelligence Research Team (“ACIRT”) has determined possibility of a Ransomware campaign dubbed as LetsDance targeted towards Japanese organizations.

The attack vector is suspected to be fake website/phishing email which downloads an initial malicious payload. This is a multistage ransomware campaign which aids the attacker to gain sensitive information from the target system and customize the final encryption payload.

Attackers are financially motivated. We suspect that a North Korean threat actor group dubbed as TENJACKAL is behind this ransomware campaign.

The Antuit Risk Rating for this Out of Band Notification is: HIGH

Analysis of captured threat actor footprints and correlation with external threat vectors indicates that this is a possible threat, and your organization is advised to take precautionary measures as highlighted in this report.

Please download the report from the from below:

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.