It seems that every day new ransomware is targeting businesses, looking for a multi-million-dollar payday. Today is no different–a victim posted on the BleepingComputer support forums that they were infected with ransomware that had encrypted both their Windows 10 desktop and their Windows SBS 2011 server. After BleepingComputer researchers looked into the infection, it appears to be one that hasn’t been seen before. Upon further analysis, Ako appears to share similarities with the older ransomware MedusaLocker which has led some people to call it MedusaReborn.
Analyst Notes
As with any ransomware, the primary method of recovering from this style of infection is to have complete and secure backups of the company’s systems. With clean backups, a company can recover by deleting the infected files, verifying the infection is removed and replaced with the clean backups. Employing a service such as the Binary Defense Security Operations Center (SOC), which has the capability of monitoring endpoints, detecting and defending from malicious programs can stop these attacks before they become damaging.
For more information on Ako Ransomware: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
