Japanese companies have been hit by a ransomware attack that’s being called “ONI,” named for the file extension it gives to encrypted files. Researchers have concluded that ONI was active for between 3 and 9 months on infected machines. ONI uses ransomware more as a tool for covering an attacker’s tracks and true purposes rather than as a criminal act in and of itself. The problem here is that a group that wants to cover its tracks rather than make money has very little incentive to actually produce the keys to un-encrypt files.”]
Source: https://www.darkreading.com/application-security/new-ransomware-attack-targets-japan/a/d-id/737890