The Makop Ransomware is a file-locking Trojan family that provides variants to third-party threat actors for a fee. Attackers then launch pseudo-custom campaigns for locking Windows users' media files with encryption and offering a ransom-based unlocking service. Users should protect any high-risk or valuable data with backups and have anti-malware services active for removing the Makop Ransomware members as soon as possible.
Small-Time Trojan Families Causing More than Little Data Problems
With variants under analysis since April, the Makop Ransomware's family is steadily, but very slowly, increasing in numbers. At its current rate, it's unlikely ever to match the 'great' names in the Ransomware-as-a-Service field, like Russia's Scarab Ransomware, Asia's STOP Ransomware or the Crysis Ransomware. However, for anyone in the statistically unlikely scenario of an infection, the relative rarity of the Makop Ransomware variations is cold comfort.
Some versions of the Makop Ransomware that malware researchers have previously analyzed include the Origami Ransomware, the Shootlock Ransomware, the ZES Ransomware and the Zbw Ransomware. Consistent features between them include being Windows-based with limited external software dependencies, creating Notepad text messages as ransom notes and blocking files. The Makop Ransomware defaults to AES encryption with an RSA key, making it a traditional but secure threat with few opportunities for 'cracking' its file-locking method.
The media that the Makop Ransomware encrypts and locks may include various documents, spreadsheets, non-text media like pictures or music, and even movies or archives. Although the extensions are semi-variable, the first version of the Makop Ransomware uses 'makop,' while others append different strings from their names, in turn. The Makop Ransomware's members also include bracketed e-mail addresses for negotiating over the ransom, usually with a free service like ProtonMail.
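For triage, the naming markers described above can be checked against a file listing. The following is an added example, not code from this page or from any vendor. It assumes the appended extensions match the variant names listed here and that the bracketed e-mail address sits in the renamed file name; the sample paths are constructed.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

# Assumption: extensions are derived from the variant names listed on this page.
FAMILY_EXTENSIONS = {"makop", "origami", "shootlock", "zes", "zbw"}
# A bracketed e-mail address anywhere in the file name, e.g. "[someone@example.com]".
BRACKETED_EMAIL = re.compile(r"\[([A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,})\]")


def classify(path):
    """Return a finding dict if the name carries both markers, else None."""
    p = PureWindowsPath(path)
    ext = p.suffix.lstrip(".").lower()
    if ext not in FAMILY_EXTENSIONS:
        return None
    match = BRACKETED_EMAIL.search(p.name)
    if match is None:
        return None  # the extension alone is weak evidence; require both markers
    original = p.name[: match.start()].rstrip(".")  # name before the appended part
    return {"path": str(p), "folder": str(p.parent), "original_name": original,
            "contact": match.group(1).lower(), "extension": ext}


def triage(paths):
    """Classify every path, then summarise hits per folder and per contact address."""
    findings = [f for f in map(classify, paths) if f]
    return {"findings": findings,
            "by_folder": Counter(f["folder"] for f in findings),
            "contacts": sorted({f["contact"] for f in findings})}


# Constructed sample listing (not taken from a real incident).
SAMPLE = [
    r"C:\Users\ana\Documents\budget.xlsx.[helpdesk@example.com].makop",
    r"C:\Users\ana\Documents\notes.txt",
    r"C:\Users\ana\Pictures\trip.jpg.[HelpDesk@example.com].zes",
    r"C:\Users\ana\Pictures\logo.makop",   # extension only: not flagged
    r"C:\Share\report.[draft].docx",       # brackets, but no e-mail or family extension
]

if __name__ == "__main__":
    report = triage(SAMPLE)
    for f in report["findings"]:
        print(f["path"], "->", f["original_name"], f["contact"])
    print(dict(report["by_folder"]), report["contacts"])
```

The per-folder counts show how far the renaming has spread, and the recovered original names help match locked files against what exists in backups.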
Securing Your Files from a Trojan Family Waiting in the Wings
Breaking the key-secured encryption of a small Trojan family isn't any more straightforward than doing so for large ones like STOP Ransomware, and malware experts always recommend against assuming that decryption is possible. For countering file-locking attacks, most Windows users should store their files in safe places, such as cloud services or detachable drives. Networks are often targets of attacks by threats like the Makop Ransomware and should have appropriate password and privileges management for limiting a Trojan's access to files.
Anti-malware products from trustworthy companies also are proven forms of self-defense against file-locker Trojans.
The prosperity of Trojans like the Makop Ransomware is entirely up to those who encounter it out in the wild. A backup a day is the only requirement for becoming immune to the whole Ransomware-as-a-Service industry, and freeware imitators, to boot.