Malicious programs, especially those that capture files are becoming more common on the Internet. Many of them use cryptocurrency tokens to make defining shelves easier.
According to CoinDesk, this dangerous variant of malware spreads in China.
Malicious programs well known to hackers are spreading all over the world. According to Tencent’s latest security report, a version of the virus has been detected in China.
Known as the “Ryuk” [see Notes on anime death], the goal of invasive software is “logistics companies, technology companies, and small towns”. Its main form of attack is blocking important data and requesting bitcoin exchange.
The Ryuk virus could also lead to a ransomware attack on Tribune, which affects the communications of several companies. In June of this year, the authorities of Lake City, Florida, paid $ 460,000 in salvage after the city’s computer system was taken, hostage. The virus is also responsible for the attack on Riviera Beach in Florida. This time, the city government had to pay $ 600,000.
Ryuk is believed to be a modified version of the Hermes virus, which launched its first attack in August 2018. It spreads by the usual botnet and spam techniques and penetrates helpless IP ports.
After installation, the malware deletes all the files associated with the intrusion and kills any anti-virus processes. This prevents the removal or even analysis of the virus for future operations.
However, in one case, FBI agents found evidence that Ryuk launched a long-range brute-force attack on the desktop protocols. Once an attacker gains access to the victim’s network, he will be able to download other network scanning tools … After completing Ryuk, he will establish a permanent registry embed itself in the working process, search the network file system, and then run the cryptocurrency file.