Skip to main content
  1. Home
  2. Computing
  3. News

Hackers are scoring with ransomware that attacks its previous victims

Add as a preferred source on Google
Image used with permission by copyright holder

Hackers are targetting computers with ransomware that scours a previously infected network in order to pinpoint and attack and enterprises with big money. Named “Ryuk,” the ransomware has been around since 2017, but only recently, in mid-2018, has there an uptick in successful attacks, according to research done by the security experts at FireEye.

Upward of $3.7 million in Bitcoin has been acquired by hackers leveraging these attacks, which first infects victims PCs with a “Trickbot” trojan, and then subsequently the “Ryuk” ransomware. As part of the process, after sending a payroll phishing email and tricking victims into opening it, the hacker is able to use the”Trickbot” trojan and scour the victim’s network and files to determine if the target is worth infecting with a subsequent attack via “Ryuk.”

Recommended Videos

It can lay dormant for a year or longer, and the unique element is that in that time period, the hacker can determine whether to direct another attack from “Ryuk” at a previously infected organization in order to extort large ransom fees.

“Interactive deployment of ransomware, such as this, allows an attacker to perform valuable reconnaissance within the victim network and identify critical systems to maximize their disruption to business operations, ultimately increasing the likelihood an organization will pay the demanded ransom,” explains the team at FireEye.

It is not certain which country is leveraging these attacks, but FireEye does not believe that it is coming from North Korea. Subsequent reports from another security firm CrowdStrike finds that the attacks could be linked to the “Grem Spider Group” in Russia due to IP addresses which are being used in the process. FireEye also believes that these attacks can increase in 2019 “due the success these intrusion operators have had in extorting large sums from victim organizations.”

There have been several high profiles cyberattacks recently, one which targeted newspapers across the United States, and another which leveraged social engineering to target emails accounts. To protect against these types of attacks, it is always best to avoid opening emails from suspicious email addresses. You also could consider never opening Microsoft Office files with macros enabled, which hackers often use to push out viruses via phishing emails. You also should keep both Windows 10 and your antivirus up to date, to ensure that you’re fully guarded.

Arif Bacchus
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
This app gives your Mac a music player you’ll actually enjoy using
Apple Music on the Mac is a chore. Liqoria is the fix, and it plays nice with Spotify and YouTube too.
Liqoria music player

The Apple Music app on the Mac is not up to the mark. I don’t like how it looks or behaves, and Apple should take some inspiration from Spotify to make the app more modern and useful. Until that happens, we are stuck with a subpar app experience.

That’s why I never use the Apple Music app on my Mac and rely on third-party apps that let me control music. Today I am featuring one of the latest apps I discovered. It’s called Liqoria, and it’s probably the only music player app you will ever need.

Read more
Anthropic is giving away Claude Fable 5 at no extra cost for a limited time
You can try Claude Fable 5 for free - but don't wait too long
Electronics, Mobile Phone, Phone

Anthropic is making it a little easier for paying subscribers to try its newest AI model without spending extra money. The company has announced a limited-time promotion that gives users on eligible paid plans access to Claude Fable 5 at no additional cost until July 19, 2026. There's a catch, though: the model isn't completely unlimited, and once you hit a usage threshold, you'll either need to start paying or switch to another Claude model.

The promotion comes as competition in the AI assistant market continues to intensify. OpenAI, Google, Microsoft and Anthropic are all racing to get users onto their latest flagship models, often using free trials or promotional access to encourage adoption. Rather than offering unlimited access, Anthropic is betting that giving subscribers enough time to experience Fable 5's capabilities will convince many to continue using it after the promotion ends.

Read more
Scammers are now cloning trusted news websites to steal your money
Breaking news: That breaking news probably isn't breaking news
Scammers are turning trusted news brands into investment traps

Seeing a story on the website of a trusted news organisation is usually enough to lower your guard. Cybercriminals know that, and they're increasingly exploiting the credibility of major publishers to steal money from unsuspecting readers. The latest example involves fake Guardian articles featuring billionaire Jim Ratcliffe. Still, the scam is part of a much larger campaign that's also impersonating the BBC and other well-known media outlets.

According to The Guardian, fraudsters are creating convincing clones of legitimate news websites and filling them with fabricated stories designed to lure readers into bogus cryptocurrency and investment schemes. Instead of trying to hack victims directly, the scammers first convince them they're reading real journalism.

Read more