The operators of infamous Ryuk ransomware continue to target hospitals, despite the challenges these organizations are already facing as a result of the coronavirus pandemic.
On March 26, a security expert going under the moniker PeterM, tweeted that a United States-based healthcare provider had been targeted by Ryuk’s ransomware. PeterM stated that the cyber offensive “looks like a typical Ryuk attack.”
“I can confirm that #Ryuk ransomware are still targeting hospitals despite the global pandemic. I'm looking at a US health care provider at the moment who were targeted overnight. Any HC providers reading this, if you have a TrickBot infection get help dealing with it ASAP,” the researcher said.
"Looks like a typical Ryuk attack at the moment, they deployed the ransomware with PsExec," PeterM added.
According to Vitali Kremez, head of SentinelOne's research division, over the past month Ryuk ransomware has hit 10 healthcare organizations, two of which are independent hospitals and another is a healthcare provider with a network of 9 hospitals in the USA.a
Earlier this month DoppelPaymer and Maze ransomware operators stated that they will hold back from attacking medical organizations during the current coronavirus pandemic.