Ryuk Ransomware Snatches $640,000 Worth of Bitcoin From Major Corporations

Although ransomware attacks seem to create a lot fewer media headlines these days, there are still plenty of concerns out there. The Ryuk malware is quite potent and is mainly designed to target large corporations around the world. Criminals have already earned over half a million dollars in payments from Ryuk, and that may only be the beginning.

Ryuk Should Not Be Underestimated

Over the years, Bitcoin has gotten a very bad reputation among the general public. Its ongoing affiliation with criminal activity has not gone unnoticed. Additionally, the influx of ransomware attacks demanding Bitcoin payments has also caused quite a stir over the years, though they had seemingly tapered off in the past six to twelve months.

Nothing could be further from the truth, unfortunately. While it is true a lot of new ransomware variants have been unsuccessful and nipped in the bud quite quickly, not all threats are created equal. Ryuk, a new threat which has a lot of security researchers concerned, should not be taken lightly. It is a very powerful threat with a proven track record.

Despite being in circulation for just over two weeks, criminals have already earned $640,000 worth of Bitcoin for their efforts. This is very different from how most other types of malware fare, as making such vast amounts of money with malware is rather exceptional. The team behind Ryuk is also doing things very differently, as they are not going after traditional consumers.

Instead, the ransomware is mainly targeted at large organizations. Victims span the US, Japan, and numerous other countries. Unlike consumers, corporations cannot afford any downtime when their computer systems are not working properly. This makes them a perfect target for criminals looking to distribute ransomware on a large scale, as these companies will usually pay a high price.

For the time being, it remains unclear how this ransomware is being distributed. That is always a rather worrisome situation, as it makes it very difficult to crack down on such activity. Researchers are still in the process of investigating this particular malware campaign. So far, two different ransom notes have been discovered, each asking for a ransom of between 15 and 35 bitcoin.

Surprisingly, it appears this is not a random malware campaign. These criminals are purposefully targeting companies which are eager to pay such steep amounts of money. This seems to hint that the criminals are targeting their victims very precisely. It also improves the track record of the Ryuk ransomware itself, which is not something to get excited about.


by JP Buntinx via NullTX