Ransom.Ryuk

ThreatDown is now the name of the Malwarebytes line of business products. References to Malwarebytes below reflect the amazing technology used to first identify the threat.

Short bio

Ransom.Ryuk is Malwarebytes’ detection name for a type of ransomware that is used in targeted attacks against enterprises and organizations.

Type of infection

Ransomware is a category of malware that holds files or systems hostage for ransom.

Ransom.Ryuk is used in targeted attacks, where the threat actors make sure that essential files are encrypted so they can ask for large ransom amounts. This means the attackers first find a way into the networks and use tools to map them out.

Aftermath

Because of the targeted nature of this ransomware, it is advised to do a full network scan to find any backdoors or other tools that the threat actors may have left behind, and which may enable them to regain access to the network.

Protection

Malwarebytes blocks Ransom.Ryuk

Business remediation

Malwarebytes can detect and remove Ransom.Ryuk on business machines without further user interaction.

To remove Ransom.Ryuk using Malwarebytes business products, follow the instructions below.

Home remediation

On non-networked systems Malwarebytes can detect and remove Ransom.Ryuk without further user interaction.

Similiar detections

Ransom.Snatch Ransom.ELF.ESXi.Attacks Virlock.Ransom.FileInfector.DDS Ransom.VirLock Ransom.FileCryptor.MSIL.Generic Ransom.FileCryptor Ransom.Maui Sodinokibi.Ransom.Encrypt.DDS Ransom.AvosLocker Ransom.BlackByte View all Ransomware detections >

Products

Services

Why ThreatDown

Get Help

Managed Services Terms & Conditions

Detection Details