A virus called Ryuk has been attacking systems in China as reported by the Tencent Yujian Threat Intelligence Center. In a report released by the intelligence agency, Ryuk viruses are derived from a code directly implemented from the Hermes virus. The Ryuk virus aims at attacking government operation systems and machinery storing immense measurable data and resources.
The term or the word Ryuk comes from the name of a widely popular character of a death spirit from the critically acclaimed manga Death Note. The manga has also been made into an anime series and was later adapted by media giant Netflix. As depicted in the manga, the death spirit Ryuk is in possession of a notebook that did the job of killing a person simply by writing the said person’s name on the notebook pages.
What’s in the Ryuk Virus
The researches at the Tencent Yujian Threat Intelligence Center were able to get hold of the virus and study it in action. As per the report, the Ryuk virus was found with a ReadMe note attached to it. The note comprised a set of two email addresses. The first email address consisted of a set of instructions to be followed and a ransom of 11 Bitcoin.
The center cautioned users and advised against opening unknown emails. The center also advised running of Tencent PC Manager and proper encryption and backing up of data files.
Origin of the Ryuk Virus
A research held in January traced the origins of Ryuk to be from Russia. The virus was initially thought to be a brain design of North Korea attackers but sources like McAfee Labs and Crowdstrike suggested Russia to be the mother origin. Ryuk is thought to have originated from the Russian group “GRIM SPIDER.” There have also been reports of several reported Ryuk ransom and malware cases. In the USA, La Porte County, Indiana, had to shell out $130,000 in light of a Ryuk attack. Lake City, Florida also witnessed a similar case with the government paying out $460,000 after an evident Ryuk attack.