We have seen how there have been a lot of incidents of ransomware attacks as well as campaigns of hacking recently and that all of them have mostly been successful in doing what they have done only because of the fact that people had “dropped their guards” so to speak in terms of security due to the Coronavirus pandemic while practising work from home. On the other hand, we are still seeing people getting targetted and hacking as well as ransomware attacks being done even though most of the people have gone back to work.
In continuation of the same, we have a new report from the world of security where a new ransomware attack has been found and it is affecting the Windows PCs and even the Linux PCs which are believed to be better in terms of security. As per the report, this ransomware attacks seems to be a targetted one and it is named Tycoon after seeing its references in the code. Also known is that the attack has been active since December 2019 and is targeting people since then.
The report adds that this ransomware attack seems to be done by a group which targets people extremely selectively and also “uses an uncommon deployment technique which helps stay hidden on compromised networks”. The worrying part is that Tycoon is mainly targeting the education and software industries so while the software industry is still okay, education is where a lot of things could go wrong.
A security expert says that “These are both unique methods. Java is very seldom used to write endpoint malware because it requires the Java Runtime Environment to be able to run the code. Image files are rarely used for malware attacks,” He adds that “Attackers are shifting towards uncommon programming languages and obscure data formats. Here, the attackers did not need to obscure their code were nonetheless successful in accomplishing their goals,”