CISA Releases Analysis Reports on New FiveHands Ransomware

Original release date: May 6, 2021

CISA is aware of a recent, successful cyberattack against an organization using a new ransomware variant, known as FiveHands, that has been used to successfully conduct a cyberattack against an organization.  

CISA has released AR21-126A: FiveHands Ransomware and MAR-10324784-1.v1: FiveHands Ransomware to provide analysis of the threat actor’s tactics, techniques, and procedures as well as indicators of compromise (IOCs).  These reports also provide CISA’s recommended mitigations for strengthening networks to protect against, detect, and respond to potential FiveHands ransomware attacks.

CISA encourages organizations to review AR21-126A and MAR-10324784.r1.v1 for more information.

This product is provided subject to this Notification and this Privacy & Use policy.