The WannaRen ransomware resurfaced as Life ransomware

Updated 2022-11-27: Life ransomware

Trend Micro said it detected a new version of the WannaRen ransomware in attacks against Indian users in the month of October. The original WannaRen ransomware was only active for a few days in August 2020 when it infected thousands of Chinese internet users who downloaded copies of a malicious Notepad++ app hosted on local download sites. The ransomware went silent for days after the attack, after several Chinese security companies released free decrypters to help users recover their encrypted data. Trend Micro called this new WannaRen variant Life ransomware, but the company didn’t say if it was still decryptable. Read more: Author of WannaRen ransomware contacts security firm to share decryption key

Updated on 11/24/2022

The dormant WannaRen ransomware resurfaced as Life ransomware targeting Indian organizations. Read more: WannaRen returns as Life Ransomware, targets India

Overview: WannaRen Ransomware Operators Offer Key

A ransomware group responsible for spreading the WannaRen ransomware earlier this year has offered the malware’s decryption key. WannaRen infected tens of thousands of computers belonging to Chinese and Taiwanese companies and home users. WannaRen uses the EternalBlue exploit, which WannaCry operators used in May 2017. Within a week, the malware spread beyond what the operators intended, so they contacted a cybersecurity company and offered the master decryption key.

Read more in: WannaRen ransomware author contacts security firm to share decryption key

Also Read:  The latest AMD Vulkan driver "AMDVLK" provides increased performance and graphical fixes for various games

Leave a Comment