A ransomware virus that has successfully infiltrated more than 100 government and private enterprises in the U.S. and internationally has been detected in China, according to a recent Tencent Security report.
Dubbed Ryuk, the pernicious code targets "Logistics companies, technology companies and small municipalities" with high data value, demanding bounties upward of $5 million paid in bitcoin, according to the Federal Bureau of Investigation.
In January, Ryuk was thought to be behind a hack of Tribune Publishing, affecting all of the media conglomerate's outlets.
Ryuk is thought to be a modified version of the Hermes virus, which debuted in August 2018.
It spreads through the usual botnet and spam methods, and infiltrates through undefended IP ports.
In one case, FBI agents found evidence that Ryuk entered through a Remote Desktop Protocol (RDP) brute-force attack.
"After the attacker has gained access to the victim network, additional network exploitation tools may be downloaded. Once executed, Ryuk establishes persistence in the registry, injects into running processes, looks for network connected file systems, and begins encrypting files."
The virus also drops a "RyukReadMe" file that opens the blackmail letter in the victim's internet browser.
The HTML page lists only the hackers' two email addresses in the upper left-hand corner, the name of the virus in the center of the page, and the cryptic phrase "Balance of shadow universe" in the bottom right corner.
The FBI has been tracking the virus since 2018 and has noticed a number of modifications.
Bitcoin Ransomware That Infiltrated 100 US Enterprises Spreads to China
Published on Jul 18, 2019
by Coindesk | Published on Coinage