DETECTO/ThreatDossier
DashboardPricingThreatsRun Free ScanSign In
DETECTO/ThreatDossier

Security intelligence for MSPs, consultants, and businesses. Find breached credentials, compliance gaps, and exposed infrastructure before attackers do.

Product

  • Scan a Domain
  • Pricing
  • Dashboard
  • Sign In

Resources

  • Threat Intelligence
  • Ransomware Groups

Legal

  • Privacy Policy
  • Terms of Service

© 2026 DETECTO. All rights reserved.

Threats/Groups/Yanluowang

Yanluowang

Inactive

yanluowang

First seen: 2022-07-02T18:46:02.242140+00:00Total victims: 6

According to PCrisk, Yanluowang is ransomware that encrypts (and renames) files, ends all running processes, stops services, and creates the README.txt file containing a ransom note. It appends the .yanluowang extension to filenames. Cybercriminals behind Yanluowang are targeting enterprise entities and organizations in the financial sector.Files encrypted by Yanluowang can be decrypted with this tool (it is possible to decrypt all files if the original file is larger than 3GB. If the original file is smaller than 3GB, then only smaller files can be decrypted).

0Total Victims
0Countries Targeted
0Sectors Targeted
0Avg Attacks/Month

Activity Timelinelast 24 months

Top Targeted Sectors

Top Targeted Countries

No country data available

Recent Victimsshowing 6 of 6

NameCountrySectorDate
Hot news straight from Cisco—Technology2022-08-10T16:48:46.051826+00:00
Shorr.com leakage—Not Found2022-07-02T18:46:12.949629+00:00
Greetings to havi.com and tmsw.com—Not Found2022-07-02T18:46:09.788579+00:00
Big data dump from various organizations—Not Found2022-07-02T18:46:08.058597+00:00
Walmart was encrypted—Consumer Services2022-07-02T18:46:03.757313+00:00
Cincinnati bell didn’t pay the ransom—Telecommunication2022-07-02T18:46:02.242140+00:00

Data from ransomware.live