Novel Lyrix ransomware sets sights on Windows systems
Numerous Windows systems around the world have already been targeted by attacks involving the newly emergent Lyrix ransomware, which features sophisticated detection bypass capabilities, according to GBHackers News.
After gaining initial access through phishing emails and the exploitation of software flaws, Lyrix ransomware, which primarily looks to breach backup systems, conducts system mapping and encrypts files using AES-256 and RSA-2048, a report from CYFIRMA revealed. It also overwrites shadow copies and deactivates system restore points to hinder the recovery of compromised files, while its use of polymorphic code lets it avoid detection by antivirus solutions. Lyrix gains additional stealth by encrypting communications with its command-and-control servers. The findings, which indicate that Lyrix attackers have extensive awareness of enterprise IT and backup protocols, should prompt the implementation of multi-layered security defense strategies, said researchers. Organizations should not only adopt potent endpoint protection tools and apply software updates consistently, but also bolster phishing education programs for their employees, researchers added.