Tycoon - Ransomware
A new ransomware family known as Tycoon was discovered in late 2019 and continues to evolve into mid-2020. The malware appends various extensions to infected files including thanos, grinch, and redrum and uses RSA and AES encryption. Victims are required to email the threat actor and threatens to delete the encrypted files or increase the ransom amount if not paid within 24 hours. The initial infection vector is over insecure RDP and targets both Microsoft Windows and Linux endpoints.