Name

Ryuk

CategoryRansomware
Symptoms

Slow or freezing performance, files encrypted

Infection methodRogue installer and malicious pop-ups

System damage

Hard drive is locked and files are inaccessible

Removal

Manual removal

What is the Ryuk ransomware?

Ransomware of any kind is incredibly invasive. And Ryuk is no different. Once it targets a computer, it encrypts most of the files stored there, so you can no longer access them. Then, it will display a message — or a ransom — prompting you to pay the hackers that installed this malicious software to get your files back.

If you do find out your Mac has been infected with Ryuk or another ransomware, it’s best not to try and use a ransomware decryptor that can cause even more damage to your files. And possibly even corrupt them. Keep reading to see what you can do to prevent ransomware and what you should do if you detect other suspicious software from your Mac.

How did the Ryuk virus end up on my computer?

The good news is that Ryuk typically targets businesses and corporations rather than personal computers. That’s because the hackers will use it to exploit network vulnerabilities in the hopes of getting to a lot of computers. So, they can charge a higher ransom from victims who can afford to pay it.

That being said, it’s not unheard of for a personal computer to be infected by Ryuk. The most common way it installs itself is through either rogue email attachments or macros in Microsoft Office. Occasionally, Ryuk will be installed through a backdoor that’s left open by other malware.

Ryuk ransomware removal from your Mac

If your computer isn’t infected with ransomware and you came across this article accidentally, now is a great time to start backing up your Mac. If you have a backup of your data, then when your Mac is infected by ransomware, you’ll be able just to erase your hard drive and start over.

If you already have Ryuk attacking and encrypting your files, then there’s not much else you can do at that point. You might be able to get your files back if you pay them the ransom. But even that can be hit or miss.

On the other end of that entirely, if you think you’ve downloaded or installed Ryuk, the best thing to do is delete any suspicious program. It’s relatively straightforward. Here are the steps you need to follow:

  1. Open a new Finder window.
  2. In the sidebar, click the Applications folder.
  3. Sort your apps by date added to see the last ones you’ve installed.
  4. Right-click or Control-click the app and click Move to Trash.

After you’ve removed any and all of the suspicious apps on your Mac, it’s a good idea to restart it. This gives a chance for any script that’s running in the background to stop.

Get rid of other malware on your computer

One of the common ways Ryuk and other ransomware can end up on your Mac is from malware. The malicious software can leave your hard drive open and vulnerable to attacks. So, even if you manually delete Ryuk, it’s smart to get into the habit of scanning your Mac. Thankfully, you can use the app CleanMyMac X to scan your computer for other malware that may be lurking on your computer.

Even if you haven’t noticed any performance issues with your computer, sneaky software can still be hanging out on your hard drive.

Download CleanMyMac X and follow these steps to scan for malware:

  1. Open CleanMyMac X.
  2. In the sidebar, click Malware Removal > Scan.
  3. If any threat has been found, click Remove. 
Malware removal module of CleanMyMac

When the scan finishes, CleanMyMac X will offer to delete any malware it finds. It’s also probably a smart idea to click on the Uninstaller module in the sidebar to scan for rogue leftover files left behind.

Even though Ryuk isn’t a traditional virus, it can still cause a lot of pain and headaches. But hopefully, after reading this article, you’re feeling a little better prepared. The number one thing you can do is start backing up your files. Then, you can confidently use your computer, knowing you can always come back.