Unknown Threat Actor Wields New Yashma Ransomware Variant
- An unknown threat actor is using a new variant of the Yashma ransomware.
- The operation has been active since at least June 4, 2023.
- The targets are varied, spanning English-speaking countries, Bulgaria, China, and Vietnam.
- Cisco Talos links the operation with moderate confidence to a likely Vietnamese origin.
- The threat actor employs an unusual technique to deliver the ransom note.
Are you ready for some unknown intruder drama? Because that’s exactly what we’re getting! An unknown threat actor has taken to bullying various entities in English-speaking countries, Bulgaria, China, and Vietnam with a new variant of the Yashma ransomware. You heard it right, folks – they’re not just persistent, they’re innovative! And they’ve been at this game since at least June 4, 2023.
The invisible mischief-maker’s origin is something of a mystery, but who you gonna call when you need a tech-threat Ghostbuster? Cisco Talos, of course. In a plot twist similar to a CSI episode, Cisco Talos has stepped in and connected the operation, with moderate confidence, to a likely Vietnamese origin. Before you jump to conclusions, remember – we’re not pointing fingers at countries, but it does raise an eyebrow or two!
The Uncommon Delivery
Not content with just unleashing havoc, this threat actor also uses a unique technique to deliver the ransom note. It’s like getting chocolates delivered on Valentine’s Day, except it leaves you heartbroken instead of loved. Details on the unique delivery style are scant, but it seems our mystery cyber villain likes pulling unconventional tricks out of the bag. Beware, folks: you never know what form your next slice of ransomware could take.
As our tech whodunit unfolds, an unknown threat actor has been playing fast and loose with a new variant of Yashma ransomware since at least June 4, 2023. While their doomsday toys take aim at various entities worldwide, hints suggest our cyber ne’er-do-well might hail from Vietnam. And, in the spirit of being unique, they favor an unusual delivery style for ransom notes – which goes to show that even cybercriminals, just like dads, can’t resist an unusual joke now and then!