YourCyanide, a new and sophisticated ransomware variant that integrates documents into PasteBin, Discord, and Microsoft Office

Attack process

The diagram shown below describes the infection process that YourCyanide follows:


The continuous use of obfuscated scripts makes the task of identifying malicious YourCyanide payloads very difficult, which is very favorable for threat actors. Although this is not a completely new technique, the way the operators of this malware variant use it makes the obfuscation process much more effective.



Knowledge belongs to the world

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store