Based on files uploaded to the VirusTotal scanning service, the ransomware attack on the City of New Orleans was likely done by the Ryuk Ransomware threat actors.
On December 14th, 2019, one day after the City of New Orleans ransomware attack, what appear to be memory dumps of suspicious executables were uploaded from an IP address from the USA to the VirusTotal scanning service.
One of these memory dumps, which contained numerous references to New Orleans and Ryuk, was later found by Colin Cowie of Red Flare Security and shared with BleepingComputer.com.
Comments are closed.