A piece of “Ryuk” ransomware has been identified and is being studied by the Tencent Yujian Threat Intelligence Center, according to a report that the Center published on July 16th. Ryuk viruses are a kind of malware that has been designed to infect government and enterprise computers that contain important official information.
Researchers at the Center were able to both catch and study the virus as it carried out its dirty work. Additionally, two email addresses were contained in a ReadMe note that came with the virus; after researchers sent a message to one of them, they immediately received a ransom demand for 11 BTC, worth over $100,000.
— MalwareHunterTeam (@malwrhunterteam) February 14, 2019
#FBS2020: FBS Gives Away Lucky Gift Boxes in A New Year PromoGo to article >>
A number of these viruses have successfully attacked various government bodies in the US, including La Porte Country, Indiana, which pay $130,000 in ransom to rid itself of the virus. The government of Lake City, Florida, paid $460,000 in ransom.
The viruses are believed to have originated from Russia-based hacking group GRIM SPIDER.
Ryuk viruses were granted their names as a reference to Death Note, a popular manga and anime series in which a death god (called a “Ryuk”) will kill anyone whose name is written onto the pages of a notebook.
Malware continues to plague crypto
The cryptocurrency space has been struck with a number of problems since its inception. Unfortunately, malware continues to be one of the industry’s major pain points; last year, over $1 billion in cryptocurrency was stolen through various means of hacking and fraud, a significant portion of which was related to malware.
Some of the most recent iterations of the malware plague include a botnet that infiltrates Android devices and covertly converts them into cryptocurrency mining devices.
Another similar piece of malware attempted to target Linux servers to accomplish the same end. The practice of hijacking devices to use them as cryptocurrency miners without their owners’ consent is known as “cryptojacking.”