The computer security companies have reached a higher level to combat the Ryuk-ransomware that has already hired the hackers behind it over 705 bitcoins (about 3.7 million dollars) in less than six months. Until recently, GRIM SPIDER, the group behind Ryuk, was believed to have come from North Korea. However, CrowdStrike and McAfee suggest that malware comes from Russia.
Ryuk spreads through phishing campaigns via e-mail thanks to a Trojan called TrickBot. Large companies and governmental organizations are the main goals. The victims get their encrypted and locked hard disks until they pay the ransom, which depends on the size and value of the target.
"Up to now, the lowest ransom observed was 1.7 BTC and the highest was for 99 BTC," reported CrowdStrike. "With 52 known transactions spread over 37 BTC addresses (at the time of writing this document), GRIM SPIDER achieved 705.80 BTC, which has a current value of $ 3.7 million, with the recent decline in the value from BTC to USD, it is likely that GRIM SPIDER has earned more. "