While French news outlets have been reporting on ransomware attacks there, they have been relatively quiet on the type of ransomware or details of attacks, other than an occasional mention of Ryuk. Now Sergiu Gatlan reports:
A new Ryuk ransomware variant with worm-like capabilities that allow it to spread to other devices on victims’ local networks has been discovered by the French national cyber-security agency while investigating an attack in early 2021.
“Through the use of scheduled tasks, the malware propagates itself – machine to machine – within the Windows domain,” ANSSI (short for Agence Nationale de la Sécurité des Systèmes d’Information) said in a report published today.
“Once launched, it will thus spread itself on every reachable machine on which Windows RPC accesses are possible.”
Read more on BleepingComputer.