Researchers at two different cyber-security firms, CrowdStrike and FireEye, have revealed that the Ryuk ransomware, which is believed to have been first reported last August, has managed to generate $3.7 million worth of Bitcoin for its operators from 52 transactions since August.
The reports also seem to suggest that the malware is very likely the handiwork of Russian cyber-criminals rather than North Korean ones, as was initially thought. That assertion seems to be backed up by separate reports from two other cyber-security companies – Kryptos Logic and McAfee.
According to CrowdStrike, the ransomware was created by a hacking group called ‘Grim Spider’, who bought a version of the Hermes malware from a hacking forum and modified it to create Ryuk, which earned the big bucks by selectively targeting victims with deep pockets.