Ryuk ransomware now self-spreads to other Windows LAN devices

silversurfer

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,176
Content source
https://www.bleepingcomputer.com/news/security/ryuk-ransomware-now-self-spreads-to-other-windows-lan-devices/
A new Ryuk ransomware variant with worm-like capabilities that allow it to spread to other devices on victims' local networks has been discovered by the French national cyber-security agency while investigating an attack in early 2021.

"Through the use of scheduled tasks, the malware propagates itself - machine to machine - within the Windows domain," ANSSI (short for Agence Nationale de la Sécurité des Systèmes d'Information) said in a report published today.
"Once launched, it will thus spread itself on every reachable machine on which Windows RPC accesses are possible."

To propagate itself over the local network, the new Ryuk variant lists all the IP addresses in the local ARP cache and sends what looks like Wake-on-LAN (WOL) packets to each of the discovered devices. It then mounts all sharing resources found for each device so that it can encrypt the contents.
Click to expand...
www.bleepingcomputer.com

Ryuk ransomware now self-spreads to other Windows LAN devices

A new Ryuk ransomware variant with worm-like capabilities that allow it to spread to other devices on victims' local networks has been discovered by the French national cyber-security agency while investigating an attack in early 2021.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
  • Wow
  • +Reputation
Reactions: Venustus, Pat MacKnife, Zartarra and 5 others
You must log in or register to reply here.

Similar threads

vtqhtr413
    • Like
    • Wow
    • +Reputation
New ransomware fakes Windows Update to trick home users
Replies
5
Views
1,639
News Archive
upnorth
upnorth
vtqhtr413
    • Like
    • +Reputation
Security News Raspberry Robin malware returns with early access to Windows exploits
Replies
0
Views
1,020
Security News
vtqhtr413
vtqhtr413
upnorth
    • Like
    • Wow
    • +Reputation
Windows Worm Evolved into slinging Ransomware
Replies
0
Views
502
News Archive
upnorth
upnorth

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top