New file-locking Ryuk ransomware targets large organizations

Ransomware demands a ransom from average people and corporates for encrypted files

In only a few days of existing Ryuk ransomware made over $600 000 from ransom payments alone. This is a cryptovirus that locks data using AES-256 and RSA-4096 encryption methods. Already there is few companies, data and healthcare centers that got infected with this malware. In total there are only ten victims that researchers have information about, but they made big money because the ransom amount differs from 10 to 50 BTC, depending on the victim. It means that bigger companies are paying up to $300 000.

This Ryuk virus targets different people, so there are two different ransom notes. The one is created for large organizations and is written politely, detailed and highly informative. It is stated that the victim has only two weeks to pay the ransom for encrypted files or it may lead to total data destruction. The second note, geared towards the average user and is blunter, states that data have been encrypted and the victims need to pay the ransom in Bitcoin.

Ransomware distributed via system vulnerabilities

As stated in one of the ransom messages virus developers used a hole in the security system and infected this device. People behind Ryuk guarantees that they can provide you with tips on how to fix these system issues and avoid any repetition of the infection. The criminals also say that there is a software that can make the hacking difficult for other intruders and they are willing to recommend if you pay the demanded amount.

These system vulnerabilities might be the distribution method for this particular virus, but not the most common practice for spreading ransomware. Spam email messages with malicious files are the most common when it comes to spreading ransomware infections. These emails can look safe and legitimate, but the attached files have nothing safe about them and the minute you download and open the document on your device you get malware.

There is a possible way to protect your files

Since these infections are silent and it makes them more dangerous, you need to be cautious and take precautionary measures. There is a way to keep your system protected. You need to, firstly, be cautious and pay more attention to what happens on your device. If you are not waiting for an email, do not open randomly gotten ones without thinking it through. You need to check the sender’s address and be cautious if it is unknown.

Also, remember that legitimate companies and services are not going to send you emails with lots of typos or grammar mistakes. Malicious actors often use reputable company names to disguise their products. You should delete suspicious, questionable emails without opening or at least try to scan each attached file before downloading and opening.

Unfortunately, no one tool can prevent viruses like Ryuk ransomware from spreading and keep your system safe from any malware. But there are malware-fighting programs like anti-malware or security software like antivirus. Anti-malware tools can detect and remove existing malware, and if you keep it as an additional security tool, it blocks potential threats. This tool can also identify system vulnerabilities and outdated files. Antivirus protects your device from infections. Keep these up-to-date and occasionally scan your system.