'Ryuk' Crypto Ransomware Discovered & Studied by Tencent in China

Friday, 19/07/2019 | 07:00 GMT by Rachel McIntosh
  • Tencent's Yujian Threat Intelligence Center received a ransom request for 11 BTC.
'Ryuk' Crypto Ransomware Discovered & Studied by Tencent in China
FM

A piece of “Ryuk” ransomware has been identified and is being studied by the Tencent Yujian Threat Intelligence Center, according to a report that the Center published on July 16th. Ryuk viruses are a kind of malware that has been designed to infect government and enterprise computers that contain important official information.

Researchers at the Center were able to both catch and study the virus as it carried out its dirty work. Additionally, two email addresses were contained in a ReadMe note that came with the virus; after researchers sent a message to one of them, they immediately received a ransom demand for 11 BTC, worth over $100,000.

A number of these viruses have successfully attacked various government bodies in the US, including La Porte Country, Indiana, which pay $130,000 in ransom to rid itself of the virus. The government of Lake City, Florida, paid $460,000 in ransom.

The viruses are believed to have originated from Russia-based hacking group GRIM SPIDER.

Ryuk viruses were granted their names as a reference to Death Note, a popular manga and anime series in which a death god (called a “Ryuk”) will kill anyone whose name is written onto the pages of a notebook.

Malware continues to plague crypto

The cryptocurrency space has been struck with a number of problems since its inception. Unfortunately, malware continues to be one of the industry’s major pain points; last year, over $1 billion in cryptocurrency was stolen through various means of hacking and fraud, a significant portion of which was related to malware.

Some of the most recent iterations of the malware plague include a botnet that infiltrates Android devices and covertly converts them into cryptocurrency mining devices.

Another similar piece of malware attempted to target Linux servers to accomplish the same end. The practice of hijacking devices to use them as cryptocurrency miners without their owners' consent is known as "cryptojacking."

A piece of “Ryuk” ransomware has been identified and is being studied by the Tencent Yujian Threat Intelligence Center, according to a report that the Center published on July 16th. Ryuk viruses are a kind of malware that has been designed to infect government and enterprise computers that contain important official information.

Researchers at the Center were able to both catch and study the virus as it carried out its dirty work. Additionally, two email addresses were contained in a ReadMe note that came with the virus; after researchers sent a message to one of them, they immediately received a ransom demand for 11 BTC, worth over $100,000.

A number of these viruses have successfully attacked various government bodies in the US, including La Porte Country, Indiana, which pay $130,000 in ransom to rid itself of the virus. The government of Lake City, Florida, paid $460,000 in ransom.

The viruses are believed to have originated from Russia-based hacking group GRIM SPIDER.

Ryuk viruses were granted their names as a reference to Death Note, a popular manga and anime series in which a death god (called a “Ryuk”) will kill anyone whose name is written onto the pages of a notebook.

Malware continues to plague crypto

The cryptocurrency space has been struck with a number of problems since its inception. Unfortunately, malware continues to be one of the industry’s major pain points; last year, over $1 billion in cryptocurrency was stolen through various means of hacking and fraud, a significant portion of which was related to malware.

Some of the most recent iterations of the malware plague include a botnet that infiltrates Android devices and covertly converts them into cryptocurrency mining devices.

Another similar piece of malware attempted to target Linux servers to accomplish the same end. The practice of hijacking devices to use them as cryptocurrency miners without their owners' consent is known as "cryptojacking."

About the Author: Rachel McIntosh
Rachel McIntosh
  • 1509 Articles
  • 55 Followers
Rachel is a self-taught crypto geek and a passionate writer. She believes in the power that the written word has to educate, connect and empower individuals to make positive and powerful financial choices. She is the Podcast Host and a Cryptocurrency Editor at Finance Magnates.

More from the Author

CryptoCurrency