Named after a fictional character, the recently surfaced Ryuk Ransomware has been found to have clinched more than $3.7 million in ransom from the users it had affected.
Cyber-security experts have found out about new ransomware which has been able to clinch a lot of money since it first started spreading, Ars Technica has reported. Banked mostly using Bitcoins, the experts have been able to find transactions linked to the ransomware which amount up to 705 BTC in total, the equivalent of $3.7 million with respect to the current bitcoin conversion rate. Although there have been differing reports about the identities of the hackers. Experts from CrowdStrike say that the hacking, which was first noticed earlier this month, comes from either Russian or South Korean-based hackers dubbed GRIM SPIDER.
The post made by CrowdStrike mentions that “To date, the lowest observed ransom was for 1.7 BTC and the highest was for 99 BTC,”. “With 52 known transactions spread across 37 BTC addresses (as of this writing), GRIM SPIDER has made 705.80 BTC, which has a current value of $3.7 million (USD). With the recent decline in BTC to USD value, it is likely GRIM SPIDER has netted more.”
The ransomware which was selectively been deployed to select businesses and individuals was first given access to a lot of computers. The hackers used a Trojan by the name of TrickBot which was sent over a lot of computers using email phishing. TrickBot used to do nothing but lie dormant on their host computer until it was able to analyze the amount of money that could be extorted from the users.
The operators of this ransomware then selectively chose few of the setups where the data was important and the users were either big companies or organizations.