Monday, August 10, 16:13
Home security Malware scans systems to steal military data

Malware scans systems to steal military data

Recently one came to light new malware, which appears to be related to ransomware Ryuk, which scans for information systems to steal sensitive personal and military information and then uploads them to an FTP site.

Although it bears many similarities to Ryuk, one major difference between them is that while Ryuk only encrypts files, this new malware steals files by uploading them to a site that you control from intruders.

What exactly is going on?

The new malware activates a scan of all the files available on the infected machine. Looks for files with .doc or .xlsx extensions to steal.

Malware ignores files and folders like Microsoft and Intel while scanning, and also overrides files with the .ryk extension. When a file with a .doc or .xlsx extension is detected, the malware first validates the file by checking whether it contains a document or word worksheet.

The names of valid files are compared to a list of malicious keywords, which includes words such as "military", "secret" and "hidden". This shows that the malware specifically targets confidential data. It also checks for certain names, which are believed to come from the US Social Insurance Agency's list of the most popular names.

Similarities to Ryuk Ransomware

As has been observed, this new malware has similarities to Ryuk ransomware, which has led to speculation that they might be related in some way.

There are code similarities between the new malware and Ryuk.

As already mentioned, the new malware skips files related to Ryuk, such as the .ryk extension, and also contains some references to Ryuk in its code.

However, Ryuk does not need prerequisites for it to run, as opposed to new malware that requires DLL execution.

Security investigators are still searching for samples to analyze how the hacker infect and launch an attack.

While this malware appears to be related to the infamous Ryuk ransomware, it is not clear if the team behind Ryuk is responsible for this malware or if another team has accessed the code and modified it.


Please enter your comment!
Please enter your name here

Absent Mia
Absent Mia
Being your self, in a world that constantly tries to change you, is your greatest achievement


The best security cameras to protect your home!

If you are afraid of intruders in your home, these security cameras can stream live video directly to your phone.

Do hackers carry out their attacks in real time?

More generally, there is a perception that hackers are suddenly infiltrating systems and devices and carrying out attacks. However, the reality is different. The...

Facebook: How to hide old posts

Facebook has introduced a new tool called "Activity Management" that will allow you to delete old posts, helping you to improve ...

How to download and install the Play Store on laptops and PCs?

Nowadays, many people rely on their smartphones, as they can be used easily and quickly for ...

Portable air conditioner: It is worn on the back and as a jewel 😛

Portable air conditioner - Worn on the back and like jewelry: 40 degrees and we have melted. Those of you who are lucky on the beach, please stop ...

How to download Google Camera Port 7.4 / GCam 7.4 on Xiaomi devices?

Pixel devices have Google Camera (GCam) as their default camera application. And since the Pixel series is known for ...

How to type in multiple languages ​​simultaneously on Android

People in today's world are very much addicted to smartphones. They provide access to many applications that can be used mainly ...

LucidPix: Make your photos 3D with this app!

Give a 3D format to your photos, with the LucidPix application, which is available in various versions for both Android and iPhone ...

Private or anonymous browsing: Does it guarantee your privacy on the Internet?

The term "private" is relevant, especially when it comes to private or anonymous browsing on the Internet, a setting in your web browser ...

Businesses: 8 types of cyber attacks to watch out for

Nowadays, all businesses, small and large must be on alert, as they can ...