Tech 23 August 2018

Ed Drake

Lazarus Group-linked Ryuk ransomware targets businesses: report

A new BTC ransomware has emerged targeting businesses, threatening to delete files if the victims don’t pay up. The campaign has been dubbed Ryuk, and there are suggestions the attacks could be linked to a North Korean hacker group known to rely on BTC ransom payments, due to similarities in the coding with an earlier ransomware, according to experts at security company Check Point.

That earlier ransomware, known as Hermes, was linked to the Lazarus Group. If confirmed, Ryuk would become just the latest example of hackers from North Korea relying on BTC for extorting their victims.

In a recently published report, Check Point said the nascent attack has already secured as much as $640,000 from its victims, thought to be the result of targeting companies and organizations with the budget to pay larger ransoms.

Once the ransomware infects the host system, an email is sent to the organization demanding immediate payment, and threatening an increase of 0.5 BTC in the ransom for every day the message goes unanswered.

In their email, the suspects would warn companies that their “business is at serious risk,” claiming, “There is a significant hole in the security of your company…You should thank the Lord for being hacked by serious people not some stupid schoolboys or dangerous punks… The final price depends on how fast you write to us. Every day of delay will cost you additional +0.5BTC…Nothing personal just business.”

Check Point, which first exposed the scam, said the attack was much more aggressive than previous generations of BTC ransomware.

“From the exploitation phase through to the encryption process and up to the ransom demand itself, the carefully operated Ryuk campaign is targeting enterprises that are capable of paying a lot of money in order to get back on track,” Check Point experts said.

As a result, the Check Point report concluded that more businesses would likely be hit by Ryuk: “After succeeding with infecting and getting paid some $640,000, we believe that this is not the end of this campaign and that additional organizations are likely to fall victim to Ryuk.”

BTC ransomware attacks have been on the increase over the last few months, resulting in a growing number of organisations and individuals being forced to give in to their demands. While Ryuk may be newer than other attacks, it looks to be shaping up as one of the most aggressive examples developed to date.

Note: Tokens on the Bitcoin Core (SegWit) chain are referred to as BTC coins. Bitcoin Cash (BCH) is today the only Bitcoin implementation that follows Satoshi Nakamoto’s original whitepaper for Peer to Peer Electronic Cash. Bitcoin BCH is the only major public blockchain that maintains the original vision for Bitcoin as fast, frictionless, electronic cash.

