• About Us
  • Advertising
  • Digital Magazine
  • Supplements
  • Media Pack
  • Privacy Policy
  • Contact us
CXO Insight Middle East
  • News
  • Opinion
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
    • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CXO50 Oman
    • CXO50
    • ICT Awards
      • Dubai 2025
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • Channel Awards 2024
    • All events
  • GITEX
  • Digital Magazine
No Result
View All Result
CXO Insight Middle East
  • News
  • Opinion
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
    • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CXO50 Oman
    • CXO50
    • ICT Awards
      • Dubai 2025
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • Channel Awards 2024
    • All events
  • GITEX
  • Digital Magazine
No Result
View All Result
CXO Insight Middle East
No Result
View All Result

Kaspersky Announces Decryption Tool for Yanluowang Ransomware

by CXO Staff
April 22, 2022
in News

The ransomware dubbed Yanluowang targets companies around the world, encrypting files on their computers and blocking access to their systems, so that victims cannot access their dat

ransomware cyber attack security

The ransomware dubbed Yanluowang targets companies around the world, encrypting files on their computers and blocking access to their systems, so that victims cannot access their data. Previously, victims’ only solution was to pay a ransom to the cybercriminals. However, after analysing the ransomware, Kaspersky researchers have developed a free tool that allows victims to recover their affected files without using the attackers’ key. The tool is already available on the No Ransom website.

Yanlouwang was first discovered in October 2021. Its name is a reference to the Chinese deity, Yanluo Wang, one of the ten kings of hell. According to Kaspersky telemetry, Yanlouwang has been attacking large businesses in the United States, Turkey, Brazil and other countries.

An example of a Yanluowang attack ransom note
An example of a Yanluowang attack ransom note

An attack using Yanluowang begins with an operator manually launching encryption. While encrypting the victims’ files, this ransomware changes file extensions to “.Yanlouwang.” After attacking the computer, an open-access file is left with a ransom note. Cybercriminals threaten the victim that if they go to the police all files on the infected computer will be deleted. Even after deletion of all files, they will still not be left alone: Yanluowang’s authors threaten to then attack the entire company with DDoS attacks and ransomware infections on the company’s employee computers.

Kaspersky experts analysed the ransomware and found a vulnerability that allows victims to decrypt files on an infected computer. The user needs to have one or more original files and download a specially designed decryption tool. The victim is then able to decrypt the affected files independently.

“While Yangluowang is not a widespread ransomware threat, it still hurts users and, in the fight against ransomware, every defeated malicious program counts. Ransomware is an international threat, and that is why it is important for the cyber community to cooperate in the fight against ransomware. We hope our contribution helps organisations attacked by Yanlouwang,” said Yanis Zinchenko, Security Researcher at Kaspersky.

Read the full report about the Yanluowang on Securelist.

To protect yourself from ransomware attacks, Kaspersky recommends:

  • Do not expose remote desktop services, (such as RDP), to public networks unless absolutely necessary and always use strong passwords for them.
  • Promptly install available patches for commercial VPN solutions that provide access for remote employees and act as gateways into your network.
  • Always keep software updated on all devices you use to prevent ransomware from exploiting vulnerabilities.
  • Focus your defense strategy on detecting lateral movements and data exfiltration to the Internet. Pay special attention to outgoing traffic to detect cybercriminals’ connections.
  • Back up data regularly and make sure you can access it quickly in an emergency.
  • Use the latest Threat Intelligence to stay on top of current TTPs used by threat actors.
  • Use solutions like Kaspersky Endpoint Detection and Response and Kaspersky Managed Detection and Response, which help identify and stop an attack during its early stages before attackers are able to achieve their final goals.
  • Protect the corporate environment by educating your employees. Dedicated training courses, such as the ones provided on the Kaspersky Automated Security Awareness Platform, can help.
  • Use a reliable endpoint security solution, such as Kaspersky Endpoint Security for Business, that is powered by exploit prevention, behavior detection and a remediation engine capable of rolling back malicious actions. KESB also has self-defense mechanisms to prevent cybercriminals from removing it.

The Yanluowang decryptor has been added to the “No Ransom Kaspersky Rannoh Decryptor” tool. It can be downloaded from the No Ransom website – a project launched by Kaspersky to share solutions and stop the scourge of ransomware.

Tags: featured2KasperskyransomwareThreat IntelligenceYanluowang
ShareTweet

Related Posts

Gartner forecasts rise of Guardian agents
Future

Gartner forecasts rise of Guardian agents

By 2030, guardian agent technologies will account for at least 10 to 15% of agentic AI markets, according to Gartner....

June 12, 2025
Deloitte ME advances AI integration with launch of Global Agentic Network
Future

Deloitte ME advances AI integration with launch of Global Agentic Network

Deloitte has launched its Global Agentic Network, a strategic initiative designed to scale AI-driven digital workforce solutions for organisations around...

June 12, 2025

Discussion about this post

Latest Issue

Gartner forecasts rise of Guardian agents

Gartner forecasts rise of Guardian agents

June 12, 2025
Deloitte ME advances AI integration with launch of Global Agentic Network

Deloitte ME advances AI integration with launch of Global Agentic Network

June 12, 2025
TeKnowledge and Kore.ai partner to close the enterprise AI execution gap

TeKnowledge and Kore.ai partner to close the enterprise AI execution gap

June 12, 2025

The most trusted source of strategic intelligence for IT decision makers in the Middle East.

About

  • About Us
  • Advertising
  • Digital Magazine
  • Supplements
  • Media Pack
  • Contact Us

Policies

  • Privacy Policy

© 2024 – CXO Insight Middle East. All Rights Reserved.

Facebook-f X-twitter Linkedin
Separated they live in Bookmarksgrove right at the coast of the Semantics, a large language ocean. A small river named Duden.

About

  • About Us
  • Site Map
  • Contact Us
  • Career

Policies

  • Help Center
  • Privacy Policy
  • Cookie Setting
  • Term Of Use

Join Our Newsletter

© 2024 – CXO Insight Middle East. All Rights Reserved.

Facebook-f Twitter Youtube Instagram

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Join our mailing list
Sign up here to get the latest news, updates and special offers delivered directly to your inbox.
No Result
View All Result
  • News
  • Opinions
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
  • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CX50 Oman
    • CXO50
    • ICT Awards
      • Dubai
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • Channel Awards 2023
    • All events
  • Videos
  • GITEX GLOBAL
  • Digital Magazine

© 2024 - CXO Insight Middle East. All Rights Reserved.