Bleeping Computer recently reported that a student attempted to pirate expensive data visualization software, which resulted in a Ryuk ransomware attack.
We've seen ransomware distributed in the past through cryptocurrency miners but this type of 'crack site' attack takes ransomware attacks to a whole other level.
The student had searched for data visualization software that they wanted to install at home. Instead of buying a legit license, the student proceeded to search for a cracked version and downloaded it. The illegal download resulted in an infection with an information-stealing trojan that stole the credentials needed by Ryuk cybercriminals to log into the institute.
This attack lost the institute a week's worth of research data and a week-long network outage as servers were rebuilt from scratch and data restored from backups.
Ryuk ransomware is not to be messed with. We recently covered a story from a few months ago that a Ryuk strain has a worm-like feature in your Window LAN devices, and the ransomware-as-a-service gang has only gotten more devious in their schemes.
Unfortunately, this will not be the last time a user tries to obtain cracked software from a warez site. Continued user education is essential to ensure phishing and ransomware attacks do not infect your organization in the future. New-school security awareness training can ensure your users are up-to-date on the latest attacks types.
Bleeping Computer has the full story.
