Back to all articles
Ransomware
Ryuk Ransomware (2018)
Jun 04, 2026
One of the most dangerous ransomware attacks is known as Ryuk, which first began to spread in 2018. This type of ransomware primarily targets large organizations, such as hospitals, corporations, and public institutions.
Ryuk is typically distributed through phishing emails or via other malware (such as TrickBot or Emotet) that initially gains entry into the system. Once it infects a device, Ryuk encrypts files and demands very high payments for their recovery, often ranging from hundreds of thousands to millions of dollars.
One of the most well-known cases involved attacks on several hospitals in the United States, where systems were locked down and staff were unable to access patient data. This attack demonstrated that ransomware can endanger human lives, not just digital data. Additionally, Ryuk is notorious for its strategy of "Big Game Hunting," specifically targeting organizations with significant financial resources.
References
https://www.trendmicro.com/en/what-is/ransomware/ryuk-ransomware.html
https://www.malwarebytes.com/ryuk-ransomware
https://www.malwarebytes.com/ryuk-ransomware