China is reeling from a severe ransomware strain named the Ryuk virus, which infects the devices of personal users, predominantly targets government and enterprise officials, and demands ransoms as high as 11 Bitcoins.
The recent discovery has shaken up officials at the Tencent Intelligence Center, who are now on a mission to get to the bottom of the problem.
Researchers dig deep into the Ryuk virus
Having meticulously studied the Ryuk virus and how it functions, the officials concluded in a report released on July 17 that it encrypts data on the affected devices and demands Bitcoin ransoms from their users.
The report further explains the name itself: Ryuk is derived from a fictional evil spirit in the popular television series Death Note who deliberately devises a “death notebook” to aid killings.
The investigators of the virus were able to capture it and study its subsequent plan of action in detail. It comes with a ReadMe note listing two email addresses. When a reply was sent to the first address, the investigators were provided with instructions for paying the Bitcoin ransom.
The virus also encrypts network resources and local drives. By destroying the encryption key, it prevents users from running backup operations, resulting in complete and irrecoverable damage to the systems.
Chinese government insists on watchfulness and caution
In an effort to alert users immediately and prevent further contamination of devices, the officials have asked them to install Tencent PC Manager, take backups, and disable macros.
Unfortunately, Ryuk had already found victims in the United States earlier this year. Lake City in Florida and La Porte County in Indiana had to shell out hefty ransoms when the Ryuk virus crept through their IT systems and left them crippled for a long time.