Skip to main content
  1. Home
  2. Computing
  3. News

Hackers are scoring with ransomware that attacks its previous victims

Add as a preferred source on Google
Image used with permission by copyright holder

Hackers are targetting computers with ransomware that scours a previously infected network in order to pinpoint and attack and enterprises with big money. Named “Ryuk,” the ransomware has been around since 2017, but only recently, in mid-2018, has there an uptick in successful attacks, according to research done by the security experts at FireEye.

Upward of $3.7 million in Bitcoin has been acquired by hackers leveraging these attacks, which first infects victims PCs with a “Trickbot” trojan, and then subsequently the “Ryuk” ransomware. As part of the process, after sending a payroll phishing email and tricking victims into opening it, the hacker is able to use the”Trickbot” trojan and scour the victim’s network and files to determine if the target is worth infecting with a subsequent attack via “Ryuk.”

Recommended Videos

It can lay dormant for a year or longer, and the unique element is that in that time period, the hacker can determine whether to direct another attack from “Ryuk” at a previously infected organization in order to extort large ransom fees.

“Interactive deployment of ransomware, such as this, allows an attacker to perform valuable reconnaissance within the victim network and identify critical systems to maximize their disruption to business operations, ultimately increasing the likelihood an organization will pay the demanded ransom,” explains the team at FireEye.

It is not certain which country is leveraging these attacks, but FireEye does not believe that it is coming from North Korea. Subsequent reports from another security firm CrowdStrike finds that the attacks could be linked to the “Grem Spider Group” in Russia due to IP addresses which are being used in the process. FireEye also believes that these attacks can increase in 2019 “due the success these intrusion operators have had in extorting large sums from victim organizations.”

There have been several high profiles cyberattacks recently, one which targeted newspapers across the United States, and another which leveraged social engineering to target emails accounts. To protect against these types of attacks, it is always best to avoid opening emails from suspicious email addresses. You also could consider never opening Microsoft Office files with macros enabled, which hackers often use to push out viruses via phishing emails. You also should keep both Windows 10 and your antivirus up to date, to ensure that you’re fully guarded.

Arif Bacchus
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
Anthropic is giving away Claude Fable 5 at no extra cost for a limited time
You can try Claude Fable 5 for free - but don't wait too long
Electronics, Mobile Phone, Phone

Anthropic is making it a little easier for paying subscribers to try its newest AI model without spending extra money. The company has announced a limited-time promotion that gives users on eligible paid plans access to Claude Fable 5 at no additional cost until July 19, 2026. There's a catch, though: the model isn't completely unlimited, and once you hit a usage threshold, you'll either need to start paying or switch to another Claude model.

The promotion comes as competition in the AI assistant market continues to intensify. OpenAI, Google, Microsoft and Anthropic are all racing to get users onto their latest flagship models, often using free trials or promotional access to encourage adoption. Rather than offering unlimited access, Anthropic is betting that giving subscribers enough time to experience Fable 5's capabilities will convince many to continue using it after the promotion ends.

Read more
Scammers are now cloning trusted news websites to steal your money
Breaking news: That breaking news probably isn't breaking news
Scammers are turning trusted news brands into investment traps

Seeing a story on the website of a trusted news organisation is usually enough to lower your guard. Cybercriminals know that, and they're increasingly exploiting the credibility of major publishers to steal money from unsuspecting readers. The latest example involves fake Guardian articles featuring billionaire Jim Ratcliffe. Still, the scam is part of a much larger campaign that's also impersonating the BBC and other well-known media outlets.

According to The Guardian, fraudsters are creating convincing clones of legitimate news websites and filling them with fabricated stories designed to lure readers into bogus cryptocurrency and investment schemes. Instead of trying to hack victims directly, the scammers first convince them they're reading real journalism.

Read more
This floating AI robot looks like it escaped a Studio Ghibli film, and that’s exactly the point
Finally, a flying robot that probably won't chase your cat
Cuddle-Fish is an innovative soft-bodied, lighter-than-air robot created by researcher Mingyang Xu at Keio University in Japan.

Most home robots today have one thing in common: they're loud, rigid, and unmistakably robotic. Whether it's a vacuum cleaner bumping into furniture or a drone buzzing overhead, they're built to perform tasks - not necessarily to make people feel comfortable. Researchers in Japan think there's a better way, and it starts with taking inspiration from animated creatures rather than industrial machines.

A research team led by Mingyang Xu at Keio University, in collaboration with institutions including the MIT Media Lab, has unveiled a prototype floating companion robot that glides silently through the air instead of rolling across the floor. Rather than looking like another gadget, the robot resembles a tiny floating creature, drawing inspiration from characters such as Tinker Bell, Pokémon's Mew, and Studio Ghibli's Soot Sprites.

Read more