Ransomware
Lorenz
First seen: 2021-04 • Status: active
Currently Active Threat
Lorenz ransomware targets small businesses by exploiting phone system vulnerabilities. They steal data before encrypting.
Overview
Lorenz ransomware targets SMBs with double extortion. They exploit Mitel VoIP vulnerabilities for initial access.
How It Spreads
- • Mitel VoIP exploitation
- • RDP
What It Does
- • File encryption
- • Data theft
- • VoIP targeting
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Patch Mitel devices
- • Monitor for VoIP exploitation
MITRE ATT&CK Techniques
T1486, T1190
If You're Infected
- 1.
Patch Mitel systems
Related Malware
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required