Vitali Kremez, Al Calleo, and Yelisey Boguslavskiy report:
This report illustrates some of the new and existing Tactics, Techniques, and Procedures (TTPs) of the Ryuk ransomware variants that Advintel has witnessed throughout their investigations in 2021.
Initial Attack Vector: RDP Brute Force / Other Means of Initial Attack Vector
Ryuk operators gain initial access to a network most often through two methods in 2021.
- Service-Based RDP Compromise
- Botnet-Based Malware Delivery
Read more on Advanced-Intel.com.