New Yashma Ransomware Variant Mimics WannaCry in New Attack

Threat Level

Attack Report

For a detailed threat advisory, download the pdf file here

Summary

A Vietnamese-origin threat actor employs a Yashma ransomware variant since June 2023, using unique GitHub-based ransom note delivery and mimicking WannaCry. This operation demonstrates the accelerated diversification of ransomware attacks due to leaked source code and builders.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.