Corporate and government networks have long stored sensitive documents on systems that are isolated from public networks. Now a team of researchers from ESET has discovered a new malware named Ramsay that has the potential to target air-gapped or isolated networks that store Word, PDF, and ZIP files hidden in encrypted form.
Furthermore, the Ramsay malware is reported to be capable of exfiltrating data to remote servers once the opportunity is created, which is seen very rarely.
Large enterprises, universities, government agencies, and military agencies often store top-secret files in storage containers that cannot be accessed from public networks. This is what hackers prey on, as such data fetches them excellent sums on the dark web.
As of now, ESET states that the malware exists in three versions, the first developed in September 2019 and the rest developed in the first and last week of March this year. Ramsay is now being distributed through phishing emails, in which the victim receives an email with a malicious link pointing to the malware server.
Meanwhile, in other research related to malware detection, Intel, in association with Microsoft, has developed a new AI tool named STAMINA (Static Malware as an Image Network Analysis).
STAMINA is a two-year-long project in which malware samples are converted into grayscale (black and white) images, and machine learning tools are then applied to those images to detect malware binaries.
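The byte-to-pixel conversion described above, sketched as an added example (not Intel's or Microsoft's code). The fixed row width, the zero padding, the per-row summary and the sample bytes are assumptions made for illustration.

```python
# Added illustration of "binary as grayscale image" preprocessing.
# Row width and zero padding are assumptions, not STAMINA's actual parameters.

def bytes_to_grayscale(data: bytes, width: int = 16) -> list[list[int]]:
    """Map each byte (0-255) to one grayscale pixel and wrap into rows."""
    if width <= 0:
        raise ValueError("width must be positive")
    if not data:
        raise ValueError("empty input")
    pad = (-len(data)) % width              # zero-fill the last row
    padded = data + b"\x00" * pad
    return [list(padded[i:i + width]) for i in range(0, len(padded), width)]


def to_pgm(rows: list[list[int]]) -> bytes:
    """Serialize pixel rows as a binary PGM (P5) image any viewer can open."""
    height, width = len(rows), len(rows[0])
    header = f"P5\n{width} {height}\n255\n".encode("ascii")
    return header + b"".join(bytes(row) for row in rows)


def row_means(rows: list[list[int]]) -> list[float]:
    """Mean brightness per row: a crude view of the texture a model would see."""
    return [sum(row) / len(row) for row in rows]


# Constructed sample: an "MZ" magic, zero fill, a byte ramp, then 0xFF filler.
SAMPLE = b"MZ" + bytes(30) + bytes(range(200, 232)) + b"\xff" * 10

if __name__ == "__main__":
    image = bytes_to_grayscale(SAMPLE, width=16)
    for row, mean in zip(image, row_means(image)):
        print(f"{mean:7.2f}  {bytes(row).hex()}")
    with open("sample.pgm", "wb") as fh:    # view with any image tool
        fh.write(to_pgm(image))
```

Regions with different content (headers, padding, packed or encrypted data) show up as visibly different textures, which is the signal an image classifier is trained on.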