 |
| Credit: Trend-micro |
Originally WannaRen discovered in 2020 when it is used against Chinese internet users. it is used for a very short time-span but damaged a lot in that short time than ransomware author shared the decryption keys to a security company in August 2020 and we believe that it was the end of WannaRen ransomware.
October 2022 Trend Micro team discovered "Life ransomware" which they believe may be a new variant of WannaRen. New Variant targeted Indian organizations .
"We first discovered the infection under the process of a non-malicious executable WINWORD.exe (the executable file of Microsoft Word). However, further investigation revealed that this infection was a multi-component malware that abuses WINWORD.exe for malicious DLL sideloading (Towards the end of October, we found variants abusing NTSD.exe instead). Furthermore, the actual ransomware is also dropped into the system as an encrypted file, with the attackers using command-line arguments supplied to WINWORD to fetch the ransomware. " Trend-micro said in his report
Comments