Introduction
Ryuk is a ransomware operation known for targeting large organizations and demanding high ransom payments.
Activities and Tactics
Targeted Sectors: Healthcare, Government, Education
Country of Origin: 🇷🇺 Russia
Risk Level: Critical
First Seen: 2018
Last Activity: 2021
Notable Campaigns
Information pending cataloguing.
Tactics, Techniques, and Procedures (TTPs)
Ransomware Vulnerability Matrix observations
| Category | Vendor | Product | CVEs |
|---|---|---|---|
| Microsoft Products | Windows | NetLogon | CVE-2020-1472 |
Notable Indicators of Compromise (IOCs)
No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.
Malware and Tools
Information pending cataloguing.
Attribution and Evidence
Country of Origin: Russia Additional attribution information pending cataloguing.
References
References pending cataloguing.