On the heels of a Ryuk ransomware attack on the Tampa Bay Times, researchers reported a new variant of the Ryuk stealer being aimed at government, financial and law enforcement targets.

The Times attack didn’t result in a breach, noted David Ruiz, 0f Malwarebytes Labs, who cited the Times Publishing Company Chief Digital Officer Conan Gallaty as saying not only did the paper not respond to the attackers, it wouldn’t have paid a ransom. Ryuk has been on the rise taking down systems in Lake City, Fla., and at DCH Health System in Alabama.

“From January 1–23, 2020, Malwarebytes recorded a cumulative 724 Ryuk detections. The daily detections fluctuated, with the lowest detection count at 18 on January 6, and the highest detection count at 47 on January 14,” Ruiz wrote in a blog post. “The ransomware frequently works in conjunction with Emotet and TrickBot in multi-stage attacks. Those separate malware families have also been active in the new year, with small spikes into the thousands of detections” and Emotet,in particular, kicking “into high gear” again on Jan. 13.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.