This article has been indexed from CSO Online
A new ransomware threat called LockFile has been victimizing enterprises worldwide since July. Key to its success are a few new tricks that make it harder for anti-ransomware solutions to detect it.
The threat uses what researchers from antivirus vendor Sophos call “intermittent encryption,” meaning it only encrypts chunks of data inside a file instead of its complete contents. This speeds the encryption process, or better said data corruption process, significantly but also tricks ransomware protection systems that rely on statistical analysis to detect potentially unauthorized file encryption.
Read the original article: LockFile ransomware uses intermittent encryption to evade detection