
This new ransomware is targeting Windows and Linux PCs with a 'unique' attack


RV_


Excerpt:

"Researchers detail the unusual workings of Tycoon ransomware - which appears to be designed to stay under the radar as much as possible.

Excerpt:

"A newly uncovered form of ransomware is going after Windows and Linux systems in what appears to be a targeted campaign.

Named Tycoon after references in the code, this ransomware has been active since December 2019 and looks to be the work of cyber criminals who are highly selective in their targeting. The malware also uses an uncommon deployment technique which helps stay hidden on compromised networks. 

The main targets of Tycoon are organisations in the education and software industries.

Tycoon has been uncovered and detailed by researchers at BlackBerry working with security analysts at KPMG. It's an unusual form of ransomware because it's written in Java, deployed as a trojanised Java Runtime Environment and is compiled in a Java image file (Jimage) to hide the malicious intentions.

"These are both unique methods. Java is very seldom used to write endpoint malware because it requires the Java Runtime Environment to be able to run the code. Image files are rarely used for malware attacks," Eric Milam, VP for research and intelligence at BlackBerry told ZDNet.

"Attackers are shifting towards uncommon programming languages and obscure data formats. Here, the attackers did not need to obscure their code but were nonetheless successful in accomplishing their goals," he added.

However, the first stage of Tycoon ransomware attacks is less uncommon, with the initial intrusion coming via insecure internet-facing RDP servers. This is a common attack vector for malware campaigns and it often exploits servers with weak or previously compromised passwords.

Source: https://www.zdnet.com/article/this-new-ransomware-is-targeting-windows-and-linux-pcs-with-a-unique-attack/?ftag=TRE-03-10aaa6b&bhid=&mid=12864903&cid=2180787277

RV/Derek
http://www.rvroadie.com Email on the bottom of my website page.
Retired AF 1971-1998


When you see a worthy man, endeavor to emulate him. When you see an unworthy man, look inside yourself. - Confucius

 

“Those who can make you believe absurdities, can make you commit atrocities.” ... Voltaire
