Cisco was hacked by Yanluowang Ransomware

The representatives of Cisco have finally confirmed that in May 2022 the company’s corporate network was hacked by one of the nasty malware named Yanluowang Ransomware. So the group of hackers who were operating this malicious ransomware virus claimed that they have 2.8GB of data of the company.


At first, the virus targeted the company in some way, and then after taking possession of 2.8GB of data from the company’s corporate network that started blackmailing Cisco and demanding ransom money in exchange for encrypted data and said that if the money is not given by the company then all the stolen data will be published on a public domain.

So the company said that the attacker has stolen the data, but whatever data they have stolen was non-confidential data which was present in the box fielder of the company’s employee account, apart from this any secret of the company and Important data is not theft.

Cisco made an official statement that the attackers publicly published all the data they had stolen on a darknet website on August 10, and after that, we have also adopted some additional measures to protect the company so that such incidents can’t be repeated again in the future.

So the investigation into this incident revealed that the attackers who stole the company’s data with the help of Yanluowang ransomware first hacked their shell’s personal data and then stole the credentials from a private employee of the company and then used it to reach the Cicso company Network, That included usernames and passwords that were synchronized with the browser.

This attack on the Cisco company, if I say it happened in the same style as it would have been online, then it cannot be completely denied because, before the attack, the attackers introduced themselves as support specialists to the company’s staff and ask the staff to allow a push notification to prevent phishing attacks by cleverly confusing the staff and as soon as the staff approved on the click of the allow button these hackers were able to access the VPN in the context of the target user

About the author

Christopher Edwards

Hey This is Chris, I am a Malware researcher and security analyst. I love to find out about new threats and viruses and I started this website to teach people how to stay safe online. You will get all the latest malware removal tips and tricks here. You can also ask for any virus related problem in comment section or through our contact page.