LockFile Ransomware using new techniques to evade detection, says Sophos. The gang behind LockFile uses “intermittent encryption” to help evade detection. LockFile also avoids encrypting some 800 different filetypes by extension, Sophos says. The group also uses a relatively uncommon process known as memory mapped input/output to encrypt a file, the Sophos report says. It’s unusual to see all these techniques implemented in the same ransomware campaign, analyst says.”]
Source: https://www.cuinfosecurity.com/lockfile-ransomware-using-new-techniques-to-evade-detection-a-17442