Latest Threat Research: Technical Analysis: Killer Ultra Malware Targeting EDR Products in Ransomware Attacks

Get Informed


Ryuk Malware Used in Another Attack on Media Outlet

GrimSpider: Another news outlet has been hit by the Ryuk malware, bringing it to its knees.  Over the weekend, the Watertown Daily Times was taken offline after multiple servers were infected by attackers using the Ryuk malware.  Ryuk was previously tied to the Russia-based group GrimSpider after it was used to attack Tribune Publishing in December, which stopped the printing of a number of news publications throughout the United States.  Earlier this month, the city of Stuart, Florida was also hit by the ransomware.  Just like the attack on Tribune Publishing, the Watertown Daily Times was unable to print any copies of their paper.  Currently, the newspaper is in the process of standing up a backup system so that they can resume normal operation but have no timeline on when that might occur.  The newspaper has also declined to say what ransom was requested or if they intend to pay the ransom.  So far, Ryuk has been responsible for approximately $4 million in ransoms in less than a year.

Analyst Notes

There are currently no indications as to why media outlets have been targeted by GrimSpider at this time. With the great success that Ryuk has seen since December, this will likely not be the last major attack, we see from it this year.