Security News > 2020 > March > Variant of Paradise Ransomware Targets Office IQY Files
A new variant of the Paradise ransomware attacks rarely-targeted Microsoft Office Excel IQY files, providing a new and relatively inobtrusive way to infiltrate and hijack an organization's network, researchers have found.
Paradise ransomware has been active since 2017, though it's not as well-known as other ransomware campaigns.
The new Paradise variant also uses an evasive host, IQY files, to attack a network, Haughom observed.
"Ransomware will typically force target applications to close to ensure that handles to files of interest are released. This allows the malware to then obtain handles to these important files during the encryption process."
Once files are encrypted, the Paradise variant automatically opens a ransomware note instructing the victim to visit an online chat to receive instructions on how to decrypt the files.