OUT OF BAND NOTIFICATION
UPDATE – LETSDANCE RANSOMWARE CAMPAIGN
Jul 30, 2018

Over the last 24 hours, we have gathered additional indicators around LetsDance Ransomware.

Antuit Cyber Intelligence Research Team (“ACIRT”) has determined possibility of a Ransomware campaign dubbed as LetsDance targeted towards Japanese organizations.

The attack vector is suspected to be fake website/phishing email which downloads an initial malicious payload. This is a multistage ransomware campaign which aids the attacker to gain sensitive information from the target system and customize the final encryption payload.

Attackers are financially motivated. We suspect that a North Korean threat actor group dubbed as TENJACKAL is behind this ransomware campaign.

The Antuit Risk Rating for this Out of Band Notification is: HIGH

Analysis of captured threat actor footprints and correlation with external threat vectors indicates that this is a possible threat, and your organization is advised to take precautionary measures as highlighted in this report.

Please download the report from the from below: