Institute fell victim to Ryuk ransomware due to student’s reluctance to pay for software

Written by Emma Davis

An institute in Europe fell victim to the notorious Ryuk ransomware because of a student’s reluctance to pay for licensed software. The attack infected its computer networks and cost it several weeks of critical research work.

According to a report by the information security company Sophos, the victim is an institute for biomolecular research in Europe. The affected organization turned to Sophos for help, and the company’s specialists were able to determine how the ransomware penetrated its computer networks. The name of the institute was not disclosed, but it is known to be engaged in COVID-19 research.

“The target was a European biomolecular research institute involved in COVID-19 related research as well as other activities related to the life sciences,” Sophos experts point out.

The organization works closely with local universities and brings in students to work on some projects. As the investigation showed, it was one such student who caused the ransomware infection of the institute’s networks. The young man wanted a free copy of virtualization software whose subscription costs hundreds of dollars a year.

After posting a message on an Internet forum in search of the desired program, the student eventually decided to download a cracked version. Windows Defender triggered, so the young man turned it off, and did the same with the firewall. However, instead of the desired virtualization software, a Trojan was loaded onto his system and stole the student’s credentials for accessing the institute’s network.

Thirteen days after the student launched the cracked software, the institute registered an RDP connection to its network. According to the researchers, access to the institute’s network had been sold on the black market, and the RDP connection was a test. Ryuk ransomware was deployed on the network 10 days after that connection.

“The Ryuk attack cost the institute a week’s worth of vital research data, because although it had backups, they were not fully up to date. Perhaps the hardest lesson of all, however, was discovering that the attack and its impact could have been avoided with a less trusting and more robust approach to network access,” Sophos researchers explained.

Ryuk is one of the most popular ransomware programs of our time, and it is constantly being improved. The Ryuk family, including new worm-enabled designs, encrypts networks and files, denying users access to them and demanding a ransom to restore them.

As I reported earlier, the ransomware operators “earned” more than $150 million in total. I also told you that a new variant of Ryuk ransomware has the features of a network worm.

