informa

New Warning on Ryuk Ransomware

Campaign throws in Emotet and Trickbot for good measure, according to the UK's National Cyber Security Centre.

A new Ryuk campaign is spreading globally, according to a warning issued by the UK's National Cyber Security Centre (NCSC).

Ryuk is ransomware known for its long "dwell time" — the time between initial infection and system damage — and for adjusting the amount of ransom demanded based on the victim's perceived ability to pay.

The warning lists Emotet, a banking Trojan, and Trickbot, a browser-manipulation data skimmer, as components of the new campaign. According to the NCSC, a common sequence is initial infection by Emotet, followed by a Trickbot infection that carries obfuscation capabilities. If the victim's system provides information that indicates the ability to pay a ransom, Ryuk is deployed.

Read more here.

 

Black Hat USA returns to Las Vegas with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions, and service providers in the Business Hall. Click for information on the conference and to register.

 

 

 

 

Recommended Reading: