EN
  • Cyber stability
  • Secops
  • Risks management
  • Digital transformation
  • Digital Sovereignty
  • Cybercrime
  • Industry and OT
  • Fraud
  • Digital identity
  • Cyber +
    • Ransomware impersonates Sophos product

    Ransomware impersonates Sophos product

    Written by
    The Editorial Team
    07.24.23
    Risks management
    01
    MIN
    Ransomware impersonates Sophos product
    Ransomware impersonates Sophos product
    Ransomware impersonates Sophos product
    Image Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Risks management
    04.09.24 Risks management
    Next article
    Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Read
    04
    MIN
    Image Tech giants make commitment against political deepfakes
    Risks management
    03.05.24 Risks management
    Next article
    Tech giants make commitment against political deepfakes
    Read
    02
    MIN
    Image Vulnerability identified in Rhysida ransomware
    Risks management
    03.05.24 Risks management
    Next article
    Vulnerability identified in Rhysida ransomware
    Read
    02
    MIN
    Image State-sponsored cybercriminals using ChatGPT
    Risks management
    03.04.24 Risks management
    Next article
    State-sponsored cybercriminals using ChatGPT
    Read
    01
    MIN

    Even researchers who identified ransomware believed it to be legitimate at first.

    On July 17, 2023, the MalwareHunterTeam, a group of cybersecurity researchers, published their analysis of new ransomware, along with screenshots of how it runs. At first glance there is nothing unusual about the malware: it encrypts a computer system’s data and installs a ransom in the encrypted data. However, during its execution, various windows pop up with a seemingly trustworthy title: “Encryption Program – SOPHOS”.

    Giving the ransomware the name of the Sophos cybersecurity company reassures the uninformed victim, who is more likely to let the program run. Even MalwareHunterTeam initially believed it to be a legitimate Sophos product running a security test.

    When they reached out to Sophos, the latter confirmed it was ransomware, and had nothing to do with its products. The cybersecurity firm revealed that their own tools would prevent this “Sophos Encryption” from running. According to MalwareHunterTeam, the software operates like Ransomware-as-a-Service (RaaS), and is rented out to third parties by developers.

    The Editorial Team
    07.24.23
    Articles by the same author:
    1
    04.23.24 Secops
    Akamai to buy Noname Security for 500 million dollars
    Read
    01
    MIN
    2
    04.10.24 Cyber +
    Cahiers inCyber : “In Cloud We Trust”
    Read
    01
    MIN
    3
    03.05.24 Digital Sovereignty
    Government administration: France and Germany join forces to develop sovereign tools
    Read
    02
    MIN
    4
    03.05.24 Cyber stability
    Israel-Hamas cyberwar : Google emphasizes key role of Iran
    Read
    02
    MIN
    Image Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Risks management
    04.09.24 Risks management
    Next article
    Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Read
    04
    MIN
    Image Tech giants make commitment against political deepfakes
    Risks management
    03.05.24 Risks management
    Next article
    Tech giants make commitment against political deepfakes
    Read
    02
    MIN
    Image Vulnerability identified in Rhysida ransomware
    Risks management
    03.05.24 Risks management
    Next article
    Vulnerability identified in Rhysida ransomware
    Read
    02
    MIN
    Image State-sponsored cybercriminals using ChatGPT
    Risks management
    03.04.24 Risks management
    Next article
    State-sponsored cybercriminals using ChatGPT
    Read
    01
    MIN
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.