Yanlouwang Ransomware is malware that is in development, yet it is already causing concern for businesses. The group was discovered in August 2021 in one of its attacks. Yanlouwang is a name of a Chinese entity, known as the god of the underworld, Yanluo Wang. Despite the name being derived from an Asian culture, there is no information on the ransomware’s place of origin.
Despite being in testing stages, the ransomware was able to break into the systems of large institutions such as Walmart. In a post on the group’s leak site, they claim to have accessed around 40,000 to 50,000 Walmart computers. The hackers asked for $55 million to hand over the files, but the company ignored the negotiation and resorted to other methods to recover the data. Walmart denies such an attack.
The ransomware shows no interest in stealing the victims’ files but only encrypts them using the RSA-1024 encryption algorithm. When systems are infected, all files are given the extension “.yanluowang” and if ransomware requirements are not met, threats of DDoS (Distributed Denial of Service) attacks are carried out.
According to Kaspersky, the countries that suffered the most attacks from the group were the US and Turkey, both responsible for 20 per cent of the victims, and Brazil with 16 per cent of the targets. The ransomware operates in these countries targeting organisations in the finance, manufacturing, IT, consulting and engineering sectors.
Recover files encrypted by Yanlouwang ransomware
Digital Recovery is a company specialising in recovering data encrypted by ransomware. We have been operating in the recovery area for more than 23 years facing the most diverse scenarios and challenges of the market.
We together with the team of experts develop unique solutions that allow adaptation to each case we solve. Including a fully remote recovery mode, speeding up the process and making our services more efficient.
In extreme occurrences, we offer a solution in emergency mode, which provides an exclusive service with a team to perform the service 24 hours a day.
To bring better results to the recovery procedure, we work in accordance with the General Data Protection Regulation (GDPR) . And as a company, we know the importance of data confidentiality, with this in mind we have developed our NDA (Non-Disclosure Agreement).
Contact us and request a diagnosis right now, we provide a team that serves 24×7.