The BlackBerry Research and Intelligence team in partnership with KPMG’s Cyber Response Services team recently unearthed and named a new ransomware strain written in Java. The researchers have dubbed the ransomware “Tycoon.”
Tycoon is a multi-platform Java ransomware targeting Windows® and Linux® that has been observed in-the-wild since at least December 2019. It is deployed in the form of a Trojanized Java Runtime Environment (JRE) and leverages an obscure Java image format to fly under the radar.
The threat actors behind Tycoon were observed using highly targeted delivery mechanisms to infiltrate small to medium sized companies and institutions in education and software industries, where they would proceed to encrypt file servers and demand a ransom. However, due to the reuse of a common RSA private key it may be possible to recover data without the need for payment in earlier variants.
Join BlackBerry, KPMG and (ISC)² on Sept 30, 2020 (Wed) at 12p.m. (GMT +8) to learn the latest Ransomware trends and threat prevention, with case studies on what should be the main defence in the modern ransomware attacks.
Presenter: Steve Struthers, VP, Global Solutions & Alliance, BlackBerry
Presenter: Konrads Klints, Director of Cyber Security and Incident Response, KPMG Singapore
Moderator: Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²