A new ransomware variant nicknamed Venus has claimed at least one health care entity in the United States as a victim, the HHS Health Sector Cybersecurity Coordination Center (HC3) said in a warning note.
The threat actors behind Venus ransomware operations are known to target publicly exposed Remote Desktop Services to encrypt Windows devices, HC3 said. The ransomware variant also is known as GOODGAME.
“Venus ransomware appears to have begun operating in the middle of August 2022 and has since encrypted victims worldwide,” HC3 said in its warning. “When executed, the Venus ransomware will attempt to terminate 39 processes associated with database servers and Microsoft Office applications.”