Ransomware Group

Lorenz

Also known as: Lorenz Ransomware

Status: active • First seen 2021-02100+ known victims

Lorenz targets companies through their VPNs. If your VPN is unpatched, you're at risk.

Overview

Lorenz exploits VPN vulnerabilities to gain initial access to corporate networks.

Target Industries

Manufacturing, Technology, Healthcare

How They Attack

  • VPN exploitation
  • Mitel VoIP exploitation
  • Credential theft

Notable Victims

Hensoldt (2022)

Is your business exposed?

How to Protect Against Lorenz

  1. 1.

    Patch VPN appliances immediately

MITRE ATT&CK Techniques

T1133, T1486, T1078

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices