Malware Killing Windows 10 Applications ‘Clop’

0

Clop, which first appeared as a simple software in March 2019, was developed over time to become a Windows 10 application killer malware. The fact that the software targets all networks instead of individual machines increases the magnitude of the danger.

The US Federal Bureau of Investigation (FBI) issued a high-impact threat warning to US-based businesses and organizations on October 2, 2019. About this threat, a ransom software, the FBI said cyber criminals “developed and changed their techniques to make their attacks more effective and prevent detection. De In some sections, this warning was described as“ old news, de but New Orleans was declared an emergency.

The successful ransom software behind the December 23 attack that encrypts “almost all Windows systems” at Maastricht University has now become a threat to Windows 10 users. Security researchers say that the most recent op Clop ransomware ’variant will terminate a total of 663 Windows processes before encrypting files, and can disable Windows 10 and Microsoft Office applications.

Clop’s short history:
Clop first appeared in March 2019 as a very simple variant of the CryptoMix ransomware team. It didn’t seem unusual at that time, but even in the early days, the team behind the software wanted to make Clop a different one. As a result, Clop began to target all networks rather than just individual Windows machines.

Lawrence Abraham, founder of Bleeping Computer on November 22, 2019, said that Clop was developed to disable Windows Defender and remove Microsoft Security Essentials and Malwarebytes Anti-Ransomware. At that time the Russian TA505 group was thought to be behind Clop attacks. The last known and biggest one of the Clop attacks took place on December 23, 2019 at Maastricht University in the Netherlands.

Clop evolved to kill Windows 10 applications:
Windows 10 is a popular target among malware. Therefore, it is not surprising that the creators behind Clop have developed malware code to target Windows processes. Ransomware usually tries to disable security software, but Clop does much more than normal.

According to the report published by Bleeping Computer, a reverse-engineered Clop variant at the end of 2019 can terminate a total of 663 Windows processes. On the other hand, it is not known why some of these transactions, such as Calculator, Snagit and SecureCRT, were terminated. In addition, Clop’s targeted applications include Acrobat, Edge, PowerPoint, Skype and Word.

How can you protect yourself from Clop Ransomware?
As with all ransomware threats, the most effective way to minimize the Clop software threat is to be prepared. Understanding how malicious software is spread helps users identify dangerous e-mails and attachments and take appropriate action. However, getting the most up-to-date security patches available for systems and applications is another way to protect against malware.

LEAVE A REPLY

Please enter your comment!
Please enter your name here