Yesterday, it was discovered by MalwareHunterTeam that Cybersecurity vendor Sophos is being impersonated by a new RaaS dubbed SophosEncrypt, with the threat actors using the company name for their operations:
The ransomware was initially thought to be part of a Sophos red team exercise, but the Sophos X-Ops team tweeted this in response:
We found this on VT earlier and have been investigating. Our preliminary findings show Sophos InterceptX protects against these ransomware samples,” tweeted Sophos.
Little is known about the RaaS operation and how it is being promoted, but a sample of the encryptor was found by MalwareHunterTeam, and researchers are still analyzing it to see if any weaknesses could allow the recovery of files for free.
Carol Volk, EVP, BullWall had this comment:
“Threat actors continually obfuscate their attacks and will always be one step ahead of the good guys. All we can do is man the walls with the best defenses available, including containment measures for when the walls are breached, as they surely will be.”
This situation illustrates the lengths that threat actors will go to launch attacks. Therefore we all have to be hyper vigilant to ensure that these attacks don’t succeed.
Like this:
Like Loading...
Related
This entry was posted on July 20, 2023 at 1:03 pm and is filed under Commentary with tags Sophos. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Ransomware found impersonating Cybersecurity firm Sophos
Yesterday, it was discovered by MalwareHunterTeam that Cybersecurity vendor Sophos is being impersonated by a new RaaS dubbed SophosEncrypt, with the threat actors using the company name for their operations:
The ransomware was initially thought to be part of a Sophos red team exercise, but the Sophos X-Ops team tweeted this in response:
We found this on VT earlier and have been investigating. Our preliminary findings show Sophos InterceptX protects against these ransomware samples,” tweeted Sophos.
Little is known about the RaaS operation and how it is being promoted, but a sample of the encryptor was found by MalwareHunterTeam, and researchers are still analyzing it to see if any weaknesses could allow the recovery of files for free.
Carol Volk, EVP, BullWall had this comment:
“Threat actors continually obfuscate their attacks and will always be one step ahead of the good guys. All we can do is man the walls with the best defenses available, including containment measures for when the walls are breached, as they surely will be.”
This situation illustrates the lengths that threat actors will go to launch attacks. Therefore we all have to be hyper vigilant to ensure that these attacks don’t succeed.
Share this:
Like this:
Related
This entry was posted on July 20, 2023 at 1:03 pm and is filed under Commentary with tags Sophos. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.