China studies Bitcoin-seeking ransomware 'Ryuk'

19 Jul, 2019
by Manshi Soneji Mamtora
China studies Bitcoin-seeking ransomware 'Ryuk'

According to the report by Tencent Yujian Threat Intelligence Center, Ryuk ransomware virus has been spotted in China. The researchers were able to capture and study the ransomware. 

What is 'Ryuk'?

Ryuk is a fictional character in the Japanese series of comics called Death Note. In the comics, Ryuk is a dead demon that allows people who find notes to kill anyone by writing their names. It mainly spread through botnets, spam, et cetera.

Attack in North America

Previously, this ransomware has been seriously harmful in North America. The public administration of La Porte County, Indiana paid a $130,000 ransom to get rid of the virus. In Lake City, Florida, the local government paid a $460,000 ransom after Ryuk infected the city’s computer systems. 

China-case and study

As per the recent attack in China, the virus came attached with a ReadMe note containing two email addresses. Upon replying to the first email address, the researchers received instructions and a ransom demand set at 11 Bitcoin, the market value of almost 750000 yuan. The Tencent Yujian Threat Intelligence Center advised personal users to run Tencent PC Manager and enable file backups, turn off Office macros, and to stay away from unfamiliar emails.

Other safety advice was also provided by the center and the mentioned that this virus reminds all government and enterprises to be more vigilant. One of the characteristics of the virus is that it tends to attack the government and enterprises with high data value, and the ransom is generally very high. Ryuk's blackmail family originated from the Hermes family and the earliest signs of activity can be traced back to August 2018.

This virus was originally thought to have originated in North Korea, but McAfee Labs and Crowdstrike have suggested that Russia is the more likely source.

i bought at the top


Read more about: China Bitcoin (BTC)


Have you been the victim of ransomware?

(15 votes)

Add a comment

Check out the latest news

You will be logged out and redirected to the homepage