Ryuk ransomware is known for targeting know for targeting various large organizations worldwide. It is often distributed by other malware such as Emotet or TrickBot.
Ryuk Ransomware initially uncovered in August 2018 since then it infects and compromise various organization and steals millions of dollars from affected victims.
The analysis shows that Ryuk is a result of the custom development of an older commodity malware known as Hermes, believed to have been authored by North Korea’s Stardust Chollima (a.k.a. APT38, believed to be a revenue-generating offshoot of the well-known APT Lazarus Group).