
Ryuk Ransomware Banks $4 Million and Is Created by Russian Cybercrime Group Grim Spider

Ryuk ransomware has been at the centre of cybersecurity news in recent times. It has not only created quite a stir among security researchers but has also turned out to be quite profitable for its operators. According to security researchers at CrowdStrike and FireEye, Ryuk has amassed a whopping $4 million worth of Bitcoin spread across 52 payments. The numbers are impressive and indicate the colossal damage it has caused to organisations.

The initial confusion about who created the malware has been cleared up by the latest evidence. Earlier, it was believed that Ryuk was created by North Korean state hackers, but it now seems that the Russian cybercrime group “Grim Spider” is the chief culprit. This was confirmed on the basis of the Internet addresses used and occasional language references. Grim Spider seems to have bought a version of the Hermes ransomware from hacking forums. They then modified the ransomware to fit their requirements, which led to the origin of Ryuk.


The North Korean hackers deployed a similar version of the Ryuk malware on the network of Far Eastern International Bank (FEIB). The operators employ a clever tactic to locate large enterprises and then demand hefty ransoms. Unlike routine modes of infection, Ryuk follows a sequential approach and does not target all possible victims en masse. According to CrowdStrike and FireEye, the operators initially infect thousands of systems with a powerful trojan dubbed Trickbot. After identifying systems that belong to large enterprises or government organisations capable of paying hefty sums, they infect those systems with a separate piece of malware, Ryuk. Infected computers belonging to smaller enterprises or organisations are not subjected to the follow-on attack.


The method resembles that of the SamSam malware, which infected the systems of the city of Atlanta and inflicted $30 million in damages. The ransom Ryuk demands depends on the victim and may vary anywhere between 1.7 BTC and 99 BTC. The operators keep a close watch on the Bitcoin transactions of Ryuk-infected systems and set their demands accordingly. Gone are the days when lone hackers created trojans and ran individual ransomware operations. The current case represents a broader picture, in which cybercriminals operate as a group and thereby inflict major damage.


Sekhar. M
