YourCyanide, a new and sophisticated ransomware variant that integrates documents into PasteBin, Discord, and Microsoft Office

Attack process

The diagram shown below describes the infection process that YourCyanide follows:

Bypass-focused

The continuous use of obfuscated scripts makes identifying malicious YourCyanide payloads very difficult, which favors threat actors. Although this is not a completely new technique, the way the operators of this malware variant use it makes the obfuscation much more effective.
