Beware of this ransomware, it pretends to be a cybersecurity company

Hackers sometimes show originality in creating their malicious programs. A new ransomware has just been identified on the web, and it bears the name of Sophos, a cybersecurity company. The company has already embarked on the fight against malware.

Credit: 123rf

Do you know the story of the wolf who disguises himself as a lamb to better approach the herd? Obviously, some hackers had it in mind when developing their latest ransomware. As a reminder, ransomware is malicious software that will most of the time block your computer by encrypting all the files on it. This makes it unusable, and to regain access to it, you have to pay a ransom, hence the name. Payment is most often requested in cryptocurrency, which is less easily traceable.

Also Read – This New Ransomware Manages To Hide From Antiviruses Through An Unstoppable Method

A few days ago, the team MalwareHunterTeamwhich specializes in finding new malware, finds a ransomware called Sophos, a famous cybersecurity company. She initially thinks it’s a program created by the company itself to test its anti-malware products, but no. This is malware posing as Sophos.. The firm immediately leans on the discovery and gives it the name of SophosEncrypt.

SophosEncrypt ransomware impersonates a cybersecurity firm

SophosEncrypt works in a fairly standard way. It takes the form of an executable file (a file ending with “.exe” for example) which once launched starts its file encryption process of the infected computer. Ironically, these will then have the “.sophos” extension. And as you can see below, it also replaces the PC wallpaper by an image sporting the logo of the company without embarrassment. The victim is then enticed to pay via an instruction page.

Ransomware SophosEncrypt
Credits: Sophos

At the moment, it is not yet known how this ransomware spreads. Sophos says at least one person has paid the price since its discovery. Do not forget that caution is in order when you surf the Internet or receive even legitimate-looking messages. If in doubt, do not launch a program that seems suspicious to you, and do not forget to install a good anti-virus on your machine.

Source: Bleeping Computer

Source link -101