From Advintel.io, now part of Redsense:
"The group behind Ryuk ransomware distribution, referenced as "one" continues to target various industries including healthcare relying on BazarBackdoor. Currently, the healthcare and social services targeting comprises 13.36% of the total victim by industries."
Ryuk “one” Adversary Dossier
- Average Payment: 48 Bitcoin
- Largest Confirmed Payment: 2,200 Bitcoin
- Crime Salary: Over $150 Million in Bitcoin
- Psychology Type: Tough Negotiator, Rare Leniency
- Actor Origin: Russian-speaking Eastern Europe
- Reliability: High
- Recent Sector Breach Activities:
- Technology
- Healthcare
- Energy
- Financial services
- Government