Unmasking New Ran: A Vicious Ransomware Menace
First introduced to the cyber world in October 2021, New Ran is a pernicious ransomware variant that began a reign of terror within the tech-savvy community. New Ran ransomware poses an imposing threat due to its ability to encrypt the victim’s files and demand a hefty ransom for their recovery. The ransomware was notably used in attacks on Authorize.net and the popular Kaseya VSA platform, with the attackers demanding massive payoffs in each instance. News of these attacks can be found here and here.
Information on “New Ran Ransomware”
|Ransomware Name(s)||New Ran|
|First Detection/Reported||October 2021|
|Ransom Note Name||Readme.lalo.txt|
- New Ran is dubbed so because it evolves from the notorious Ranzy Locker and ThunderX ransomware families.
- New Ran primarily targets businesses and organizations rather than individual personal systems.
- The threat actors behind New Ran release the decryption keys to the public if their demands are not met within a given deadline.
- The ransomware operators engage with the victims via an email address provided in the ransom note.
- Similarly to most ransomware operators, New Ran operators tend to double-dip by not only encrypting the data but also exfiltrating it for potential information selling or threat of publishing online.
If your organization falls victim to the New Ran ransomware or any other such malicious software, immediate action is crucial. Our ransomware decryption service specializes in helping businesses recover their data and restore operations with minimal downtime. Trust in our expertise to navigate through the complexities of ransomware recovery.