Cisco confirms Yanluowang ransomware attack and data theft

The data recently leaked by the Yanluowang ransomware gang was stolen from the company’s network during a cyberattack in May, according to Cisco. However, the company claims that the leak does not change its initial assessment that the incident has no impact on the business.

According to Cisco, on September 11, 2022, malicious actors who had previously posted a list of file names from the security incident to the dark web published the exact content of the exact files to the same place on the dark web. The contents of these files correspond to what has already been revealed.

Although Cisco denies that the attackers have accessed the source code, it announced in August that the Yanluowang ransomware had broken its network after hackers had gained access to the VPN account of an employee.

Among the stolen information were also non-sensitive files from the box folder of the employee, and the attack was stopped before the ransomware could start encrypting systems.

Yanluowang claimed the opposite. According to their leader, they stole thousands of files with a total capacity of 55 GB, including secret information, technical schematics and source code. However, the hacker provided no evidence. They only shared a screenshot of what appears to be a development system.

The source for this piece includes an article in Bleepingcomputer.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web