Dreaded Ryuk ransomware improves its attack techniques. Ransomware is undoubtedly one of the most important threats on the Internet. Many varieties can compromise our computers. As we know, the goal is to encrypt files and systems and in return ask for an economic ransom. In this article, we are going to talk about Ryuk, which is one of the most popular ones, and how it improves its techniques to attack victims.
New techniques of Ryuk ransomware
Hackers often adapt and improve their attacks to achieve their goals. Today we can indeed count on a wide variety of defensive tools, such as antivirus, browser extensions, firewalls… But attackers also improve how they infect systems.
In this case, the new techniques of those responsible for the Ryuk ransomware target remote desktop connections to a greater extent. It is a reality that in recent months everything remote has gained greater importance. Many users perform their functions from their homes, many companies offer their products over the Internet and, in short, there is the increased use of the remote desktop.
But how do they manage to infect Ryuk? This point is very important, as it will allow us to be alert and protect ourselves from this threat. In this case, in recent times, the strategy most commonly used by cybercriminals to sneak in this type of ransomware is email. They send a phishing e-mail in which they attach a malicious file containing the malware.
According to security researchers at Advanced Intelligence, Ryuk attacks in recent months have targeted exposed RDP connections, which can be a way to access an entire network.
On many occasions, they have also relied on brute-force attacks to gain access to these remote desktops and to sneak in the ransomware. But also campaigns through phone calls, Spear Phishing, and other similar varieties.
But among the most prominent novel techniques, hackers warn of the use of a tool called KeeThief. It is open source and the objective is to extract passwords and credentials from the KeePass key manager.
They also rely on certain vulnerabilities that are present in systems and applications. Some are even part of the Windows operating system itself, so it is always important to keep it updated.
How to protect yourself from Ryuk ransomware?
At this point, it is time to give some tips to avoid becoming victims of Ryuk ransomware and any other variety that can put our security and privacy at risk. Let’s give some basic recommendations.
Undoubtedly the most important thing is common sense. We have seen that in many cases the technique used consists of carrying out a phishing attack. We must avoid accessing links that could be dangerous or downloading e-mail attachments that we cannot trust.
It is also essential to keep systems up to date. In the case of Ryuk ransomware, it is based on many vulnerabilities present in remote desktop, Windows, and other applications we use. We should always have patches and updates available.
One more tip is to have security software. This will allow us to avoid the entry of malicious software. A good antivirus can help us to do this.
