Over the last 24 hours, we have gathered additional indicators around LetsDance Ransomware.
Antuit Cyber Intelligence Research Team (“ACIRT”) has determined the possibility of a ransomware campaign, dubbed LetsDance, targeting Japanese organizations.
The suspected attack vector is a fake website or phishing email that downloads an initial malicious payload. This is a multistage ransomware campaign, which helps the attacker gain sensitive information from the target system and customize the final encryption payload.
The attackers are financially motivated. We suspect that a North Korean threat actor group dubbed TENJACKAL is behind this ransomware campaign.
The Antuit Risk Rating for this Out of Band Notification is: HIGH
Analysis of captured threat actor footprints and correlation with external threat vectors indicates that this is a possible threat, and your organization is advised to take precautionary measures as highlighted in this report.