A popular Canadian restaurant chain Recipe Unlimited came under ransomware attack last week. Several computers of its head office get affected by the cryptovirological activity, resulting in closing down of normal operations of many of its outlets for few hours. According to the restaurant’s own statement, which tried to downplay the attack, they were hit by a ‘malware’ called Ryuk. For those familiar with the current cryptovirological landscape, they know that Ryuk is the name of a ransomware strain. The company is also denying that their servers and files were held for ransom by the attackers.
However, a leaked screenshot of ransom note reveals that it’s a classic case of ransomware attack in which attackers demand extortion money for ransomware removal. As per the note, the attackers asked for 4,000 Canadian dollars in Bitcoins to provide the decrypter to unlock the files. They also threatened to increase the ransom amount by 0.5 Bitcoins for each day after the expiration of given deadline.
The restaurant chain reportedly didn’t bow down to the demands of cybercriminals and carried out ransomware removal on its own with the help of cybersecurity professionals. Nevertheless, some outlets have to suffer some downtime with the temporary suspension of the operations. According to the statement released by the restaurant management, it maintains regular backups that actually helped them in dealing with the attack in the quickest possible time.
In the last couple of months, Ryuk has inflicted losses to many organizations in different parts of the word. Experts trace its origin to North Korea. According to the latest estimation from an international cybersecurity firm, in just a single month of August, Ryuk operators allegedly succeeded in racking $640,000 from the affected organizations in the name of extortion money for providing decrypter for ransomware removal.