Ryuk Ransomware Attack Sprung by Frugal Student
2021-05-06 17:26

A European biomolecular research institute involved in COVID-19 research lost a week's worth of research data, all thanks to a Ryuk ransomware attack traced back to a student trying to save money by buying unlicensed software.

Security researchers at Sophos described the attack in a report.

The student's goof-ups advanced to a full-fledged ransomware attack because there weren't security measures in place to stop those missteps from happening, the researchers said.

From what security researchers can tell from the laptop - which was handed over for forensics after the ransomware attack unfurled - the student also had to disable the firewall to coax the time-bomb onto the computer.

Peter Mackenzie, manager of Rapid Response at Sophos, said that whoever was behind the cracked software was unlikely to be the same threat actor that was behind the resulting Ryuk attack.

Security experts are all singing the same tune: namely, that attacks are getting more vicious and more destructive, with extra time and effort spent on the removal of backups prior to ransomware deployment. Attackers are honing their nasty craft, as well: "They are becoming more sophisticated with new techniques designed to avoid detection, like running in virtual machines, Windows safe mode or completely fileless," Mackenzie told Threatpost.


News URL

https://threatpost.com/ryuk-ransomware-attack-student/165918/