1 min read

Ryuk Ransomware Now Deadlier

Featured Image

Ryuk Ransomware Now Deadlier

A new Ryuk ransomware variant has appeared in the wild, now with  worm-like capabilities.

According to the French national cyber-security agency (who discovered the variant), this version of Ryuk has the ability to self propagate and move from machine to machine.

Their report (which thankfully has been translated into English), and can be read here, says this nasty software lists all the IP addresses in the local ARP cache and is able to send faux-Wake-on-LAN packets to all the devices it discovers.

After that Ryuk mounts all sharing resources it finds  to encrypt the contents of those devices. Ryuk even leverages schtasks.exe  to help execute itself.

Who's behind Ryuk?

Ryuk is a ransomware-as-a-service (RaaS) that was first uncovered in 2018 and has ruined days around the world ever since. These groups use private affiliate programs where people can submit applications and resumes for membership.

They're pretty successful too. Last year they were able to collect $34 million from just ONE of their victims.

Like our blog? Subscribe using the CTA in the upper right-hand corner of this page. Feel like sharing your thoughts with us? Use the comment section below.

Are Passkeys the Future? Apple Seems to Think So...

It's no secret that passwords are a pain in the butt. They can be difficult to remember, they're a huge target for cybercriminals, etc.

Read More

Alert: Follina aka CVE-2022-30190

A newly discovered exploit is using a flaw in Microsoft's Support Diagnostic Tool (MSDT) to remotely take over end-points via compromised Word...

Read More

Chaos/Yashma: The Torrid Tale of a GUI Based Ransomware Builder...

It used to take a good deal of coding knowledge to build a website or an application. That's not the case anymore. You can build a website in...

Read More