Research Suggests Russian-Based Hackers Behind Ryuk Ransomware’s $2.5 Million Gains

A recent spate of ransomware attacks estimated to have earned hackers 705.08 Bitcoin (BTC) ($2.5 million) likely came from Russian cybercriminals, not North Korean state-sponsored actors as initially thought. The development was reported on The Next Web’s crypto-focused news site Hard Fork on Jan. 14.Hard Fork cites evidence from cybersecurity research teams McAfee Labs and Crowdstrike, which have analyzed the strategies used in developing and disseminating the Ryuk ransomware strain, and concluded that the identity and motivations of its masterminds have most likely until now been misreported. The Ryuk campaign notably attracted wide attention following its targeting of major United States media group Tribune Publishing over Christmas.As McAfee notes, Ryuk is a fictional manga character who spreads lethal death notes as an evil distraction from his own boredom — an analogy for the ransom notes reported to have accompanied Ryuk once the ransomware had encrypted victims’ drives.Ryuk was reportedly initially…

Read the original article here