The Ryuk malware attacked the US healthcare system last year. A new version of the Trojan is able to spread itself independently via WiFi.
Viruses, worms, and Trojans can infect one computer at a time in many ways. They mostly spread through the network in the form of infected e-mail attachments, but sometimes websites are also infected in a targeted manner. The French cybersecurity agency ANSSI has now discovered a new variant of the well-known Ryuk ransomware that spreads independently in networks.
As a rule, an extortion trojan first secretly infects the computer, then encrypts the hard drive and only allows access to the files again against payment of a ransom. However, Ryuk has also been given the characteristics of a worm, similar to what was the case with the Emotet Trojan – also known as the most dangerous malware in the world. These abilities enable him to spread “within a Windows domain from computer to computer”, explains the ANSSI (abbreviation for Agence Nationale de la Sécurité des Systèmes d’Information) in the published report.
Ryuk attacked hospitals on a large scale
In order to spread itself from computer to computer within a network, Ryuk uses an auxiliary function of Windows: “Once started, Ryuk spreads itself to every accessible computer on which Windows RPC access is possible.” Once on the devices, Ryuak begins his actual task: encrypting the content.
Ryuk was responsible for a massive wave of attacks within the United States last year, including on health care systems. Several hospitals then had to shut down their networks. At the end of October, the FBI even issued a warning about the malware. IT security experts suspected a Russian or at least Eastern European group of cyber criminals behind Ryuk.
There is currently no convenient solution in the fight against the current, self-spreading variant to get this problem under control, according to the specialist portal “Bleeping Computer “.
– Trojans for extortion demand ransom for encrypted data. Now they go one step further
– Windows 10: Formerly full of holes, today top: Microsoft achieves the highest number of points in the antivirus test for the first time
– Fast and cheap: Stiftung Warentest recommends this WiFi router