This ransomware had functioned for the first time quite recently and is pretty rapidly sweeping across the world.
An amount of $640,000 was wrested by the attacker, in all. 15 to 50 BTC were demanded from the targets in exchange for their files and other data.
The ransom notes of both the types of samples that were uncovered are quite alike. 50 BTC which amounts to $320,000, was the highest sum to be wrested by the longer, well-worded and nicely phrased note. The shorter note which was kind of blunt resulted in some fair ransom varying from 15 to 35 BTC which amounts up to $224,000.
As soon as all the cryptographic basics are done with, every network share and drive on the target’s system gets encrypted. The files or directories with text from any hardcoded whitelist, containing “RecycleBin”, “Chrome”, “Ahnlab” and “Mozilla” are the only ones that are safe from encryption.
The Ryuk ransomware attack is a highly lucrative one and enterprise networks are the major aim of the cybercriminals.