New 'Azov' ransomware strain frames cybersecurity researchers


A new strain of ransomware called Azov is currently being distributed through adware bundles, pirated software downloads, and key generators.

What sets this one apart from other ransomware variants, however, is that it frames established cybersecurity researchers by blaming them for the attack. For instance, the ransomware claims that it was created by Hasherezade, a programmer and a malware analyst.

Azov's ransomware note | via BleepingComputer

The ransom note says that Azov is encrypting devices in protest of Crimea's seizure and because western countries are not doing enough to help Ukraine in the war against Russia.

To decrypt affected files, the note instructs victims to contact security researchers Lawrence Abrams, Michael Gillespie, and Vitali Kremez, as well as BleepingComputer, MalwareHunterTeam, and VK Intel on Twitter. Given that these people and organizations are not associated in any way with the ransomware, they will not be able to assist in removing the ransomware. This also makes it impossible to contact the real threat actors to pay the ransom.

According to MalwareHunterTeam, the Azov ransomware started spreading about two weeks ago. The threat actor behind it appears to have purchased 'installs' through the SmokeLoader malware botnet to deliver the new strain. SmokeLoader is a malware botnet that cybercriminals use to create their own malware. It is normally distributed through websites advertising fake key generators, cheats, software cracks, and game modifications.

Some systems that have been encrypted by the Azov ransomware have also been infected with RedLine Stealer malware and STOP ransomware, BleepingComputer states.

To protect your systems from ransomware attacks, refrain from visiting potentially malicious sites and always be careful when opening unsolicited emails. Also make sure to have a backup of your files so you can easily recover them in case your files get encrypted. Finally, ensure that your antivirus and anti-malware software are up to date so they can prevent ransomware and other malware from infecting your devices.

Source: BleepingComputer
