BSV
$47.51
Vol 20.12m
3.55%
BTC
$70379
Vol 51771.08m
3.15%
BCH
$344.64
Vol 306.52m
2.65%
LTC
$66.65
Vol 398.98m
-0.12%
DOGE
$0.17
Vol 4285.49m
12.67%
Getting your Trinity Audio player ready...

The Ryuk cryptocurrency-targeting malware is still running rampant, despite efforts to bring it under control. The malware was found in more than 100 government and private-industry computer systems around the world over the past year, according to a report by the U.S. FBI, and has now set its sights on tech equipment in China.

Ryuk is a version of the Hermes virus, which was first found in August 2018. Both malware applications operate by using spam and botnets to infiltrate computer systems and then spread by attacking IP ports that are left unprotected. It was reportedly involved in a ransom scheme at Tribune Publishing this past January, as well as another attack on the city of Lake City, Florida, last month. The city was targeted only two weeks after another Florida city, Riviera Beach, paid a $600,000 ransom to regain access to its computer systems.

According to a report by Tencent Security, Ryuk is now in China. It is used to blackmail computer owners and a recent attack held a computer system hostage for 11 SegWitcoin (BTC), worth around $117,345 at today’s prices.

Tencent warns, “With the continuous expansion of the virus’s intrusion map, Tencent Security Threat Intelligence Center recently detected that the virus has been partially detected in China. Because the virus uses RSA+AES to encrypt user files and users cannot decrypt them temporarily, it reminds all government and enterprises to be vigilant. The ransomware can be intercepted by Tencent Computer Manager and Tencent Royal Terminal Security Management System.”

To help prevent future attacks, Tencent recommends companies close certain ports, such as 135, 139, 445 and others that are typically not used. They should also whitelist other ports that are required and only allow IP connections through those whitelisted ports.

These measures, as well as other security measures, will help contain the distribution of the virus, but won’t stop it completely. According to the FBI, Ryuk is coded in such a way that it can be easily modified to continue its existence. However, as a general rule of thumb, enterprise computer systems need to be locked down as tightly as possible and individual computer users need to avoid opening any email attachment or link unless they can completely verify the source.

Recommended for you

How to construct transactions on BSV blockchain with Python
Python coders, it's time to start learning how to build Bitcoin transactions as nChain's Senior Software Engineer, Arthur Gordon, recently...
November 5, 2024
BSV Association joins OnlyDust’s developer event sponsor list
OnlyDust is a network for open-source developers working with blockchain and decentralized projects; its purpose is to connect contributors, maintainers,...
October 23, 2024
Advertisement
Advertisement
Advertisement