Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: G+ Digg Delicious Reddit Facebook Twitter StumbleUpon

[-]
Tags
russian gang ryuk ransomware north korean not probably

Ryuk ransomware gang probably Russian, not North Korean
#1
Quote:The Ryuk ransomware is most likely the creation of Russian financially-motivated cyber-criminals, and not North Korean state-sponsored hackers, according to reports published this week by four cyber-security firms --You are not allowed to view links. Register or Login to view., You are not allowed to view links. Register or Login to view., You are not allowed to view links. Register or Login to view., and You are not allowed to view links. Register or Login to view..

These companies published these reports this week after several news outlets incorrectly attributed a You are not allowed to view links. Register or Login to view. that took place over the Christmas holiday on North Korean hackers

However, evidence suggests that the ransomware was created by a criminal group that Crowdstrike calls Grim Spider, who appears to have bought a version of the Hermes ransomware You are not allowed to view links. Register or Login to view., and modified it to their own requirements into what now is known as the Ryuk ransomware.

The confusion comes from the fact that North Korean state hackers deployed a version of the Hermes ransomware on the network of the Far Eastern International Bank (FEIB) in Taiwan after carrying out a hack in October 2017.

Researchers believe North Korean hackers bought the same Hermes ransomware kit from hacking forums, like the Grim Spider group, and deployed it on the bank's network as a distraction and to cover the tracks of their cyber-heist, and that there is no connection between the Pyongyang regime's hackers and the Ryuk ransomware strain.


You are not allowed to view links. Register or Login to view.
Reply


Possibly Related Threads...
Thread Author Replies Views Last Post
  Ryuk ransomware attacks businesses over the holidays Mohammad.poorya 0 79 01-09-2019 , 06:01 AM
Last Post: Mohammad.poorya
  After SamSam, Ryuk Shows Targeted Ransomware is Still Evolving Mohammad.poorya 0 113 12-19-2018 , 01:09 PM
Last Post: Mohammad.poorya
  Ryuk Ransomware extension .RYK!Demonstration of attack video review. Mohammad.poorya 0 82 12-06-2018 , 03:57 AM
Last Post: Mohammad.poorya
  Russian Ransomware Encrypts Your Files and Then Speaks to You tarekma7 1 557 03-05-2016 , 01:47 PM
Last Post: dinosaur07

Forum Jump:


Users browsing this thread: 1 Guest(s)