French authorities discover self-spreading variant of Ryuk ransomware

The French cybersecurity agency Agence Nationale de la Sécurité des Systèmes d’Information (ANSSI) has discovered a new variant of the Ryuk ransomware. The new variant can spread itself to Windows machines on a local network.

The new variant was discovered early this year by ANSSI during an investigation into a ransomware attack, Bleeping Computer reports. According to the French agency, the malware can send itself to other Windows machines within the same network, using RPC.

To do this, the malware checks IP addresses in the local ARP cache and then sends a WOL packet to the Windows machines it finds. When successful, the ransomware proceeds to encrypt data. The spread can be stopped, according to ANSSI, by changing the password of the infected account or deleting the user.
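A detection sketch for the Wake-on-LAN step described above, added here as an example and not taken from ANSSI or Bleeping Computer: it recognises WOL magic packets (six 0xFF bytes followed by the target MAC repeated 16 times) in captured UDP payloads and flags any source that wakes many distinct machines in a short time. The event tuple format, the 60-second window, the threshold of 5 and all sample addresses are assumptions made for illustration.

```python
from collections import defaultdict

SYNC = b"\xff" * 6  # a magic packet starts with six 0xFF bytes

def wol_target(payload: bytes):
    """Return the target MAC if payload holds a WOL magic packet, else None."""
    start = payload.find(SYNC)
    while start != -1:
        mac = payload[start + 6:start + 12]
        body = payload[start + 6:start + 6 + 96]   # 16 x 6-byte MAC
        if len(body) == 96 and body == mac * 16 and mac != SYNC:
            return mac.hex(":")
        start = payload.find(SYNC, start + 1)
    return None

def wol_sweepers(events, window=60.0, threshold=5):
    """events: (timestamp, src_ip, udp_payload) tuples sorted by time.
    Returns {src_ip: [MACs]} for sources that sent WOL packets to at least
    `threshold` distinct MACs within `window` seconds (assumed limits)."""
    recent = defaultdict(list)   # src_ip -> [(timestamp, mac)] inside window
    flagged = {}
    for ts, src, payload in events:
        mac = wol_target(payload)
        if mac is None:
            continue
        kept = [(t, m) for t, m in recent[src] if ts - t <= window]
        recent[src] = kept + [(ts, mac)]
        macs = {m for _, m in recent[src]}
        if len(macs) >= threshold:
            flagged.setdefault(src, set()).update(macs)
    return {src: sorted(macs) for src, macs in flagged.items()}

def magic(mac_text: str) -> bytes:
    """Build a constructed sample magic packet for a MAC like 02:00:00:00:00:01."""
    return SYNC + bytes.fromhex(mac_text.replace(":", "")) * 16

# Constructed sample traffic: one host sweeping six MACs, one single wake-up,
# and one unrelated UDP payload.
SAMPLE = [(i * 2.0, "10.0.0.23", magic(f"02:00:00:00:00:{i:02x}")) for i in range(6)]
SAMPLE.append((3.0, "10.0.0.5", magic("02:00:00:00:00:aa")))
SAMPLE.append((4.0, "10.0.0.9", b"not a magic packet"))
SAMPLE.sort(key=lambda event: event[0])

if __name__ == "__main__":
    for src, macs in wol_sweepers(SAMPLE).items():
        print(f"{src} sent WOL to {len(macs)} hosts: {', '.join(macs)}")
```
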

The Ryuk ransomware first surfaced in August 2018 and several variants have surfaced since then. According to Bleeping Computer, one in three ransomware infections is Ryuk ransomware. Never before has the malware spread itself to other machines in this way.