Venus Ransomware Variant Targeting Remote Desktop Services, HC3 Warns

A new ransomware variant nicknamed Venus has claimed at least one health care entity in the United States as a victim, the HHS Health Sector Cybersecurity Coordination Center (HC3) said in a warning note.

The threat actors behind Venus ransomware operations are known to target publicly exposed Remote Desktop Services to encrypt Windows devices, HC3 said. The ransomware variant also is known as GOODGAME.

“Venus ransomware appears to have begun operating in the middle of August 2022 and has since encrypted victims worldwide,” HC3 said in its warning. “When executed, the Venus ransomware will attempt to terminate 39 processes associated with database servers and Microsoft Office applications.”

This document is only available to subscribers. Please log in or purchase access.
 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field