OGDO Ransomware

Posted: September 10, 2020

OGDO Ransomware Description

The OGDO Ransomware is a file-locker Trojan that's part of the STOP Ransomware's Ransomware-as-a-Service group. The OGDO Ransomware targets Windows systems and encrypts files, such as documents, so that they can't be opened. Users should schedule and secure backups for a complete recovery from any infections, and have a professional anti-malware service remove the OGDO Ransomware once it is detected.

Trojan Families Jostling on the Threat Landscape

There's increasingly stiff competition among Ransomware-as-a-Service operations and independent file-locking Trojans, but the STOP Ransomware remains a popular option for threat actors. Hackers 'hire' and deploy this threat against various targets, including random home users, with randomized names and extensions being the most visible differences between variants. The OGDO Ransomware is proof that the RaaS business sector is thriving in 2020, particularly for the STOP Ransomware family.

As a member of that group, the OGDO Ransomware includes an often-dynamic encryption method that downloads a key as part of locking victims' files, such as pictures, databases and documents. Further attacks from the OGDO Ransomware include appending campaign and ransom-related data to files' names, creating HTA or TXT ransom notes, and erasing the user's Restore Points. Some STOP Ransomware family campaigns also attempt data theft through tools like AZORult, although this quirk isn't a universal one, and malware experts can't verify it for the OGDO Ransomware.
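The two filesystem symptoms described above (data appended to files' names, and TXT or HTA notes left behind) can be checked for in a directory listing. The following is an added example, not code from the original article; the extension list, the thresholds, and the sample names `.locked9` and `HOW_TO_RESTORE.txt` are constructed placeholders rather than indicators for this threat.

```python
from collections import Counter, defaultdict
from pathlib import PureWindowsPath

# Data extensions a file-locker typically targets (assumed list, not from the article).
DATA_EXTS = {".doc", ".docx", ".xls", ".xlsx", ".pdf", ".jpg", ".png", ".sql", ".mdb"}
NOTE_EXTS = {".txt", ".hta"}  # ransom note formats named in the article


def appended_suffixes(paths, min_files=5, min_kinds=2):
    """Return {suffix: count} for suffixes appended after a known data extension.

    A suffix is reported only if it covers at least min_files files and at
    least min_kinds original file types, which filters out one-off '.bak' copies.
    """
    counts, kinds = Counter(), defaultdict(set)
    for p in paths:
        sfx = [s.lower() for s in PureWindowsPath(p).suffixes]
        if len(sfx) >= 2 and sfx[-2] in DATA_EXTS and sfx[-1] not in DATA_EXTS:
            counts[sfx[-1]] += 1
            kinds[sfx[-1]].add(sfx[-2])
    return {s: n for s, n in counts.items()
            if n >= min_files and len(kinds[s]) >= min_kinds}


def repeated_notes(paths, min_dirs=3):
    """Return {filename: folder_count} for TXT/HTA files with one name in many folders."""
    dirs = defaultdict(set)
    for p in paths:
        wp = PureWindowsPath(p)
        if wp.suffix.lower() in NOTE_EXTS and len(wp.suffixes) == 1:
            dirs[wp.name.lower()].add(str(wp.parent).lower())
    return {name: len(d) for name, d in dirs.items() if len(d) >= min_dirs}


# Constructed listing for illustration only.
SAMPLE = [
    r"C:\Users\a\Documents\budget.xlsx.locked9",
    r"C:\Users\a\Documents\plan.docx.locked9",
    r"C:\Users\a\Documents\HOW_TO_RESTORE.txt",
    r"C:\Users\a\Pictures\cat.jpg.locked9",
    r"C:\Users\a\Pictures\dog.png.locked9",
    r"C:\Users\a\Pictures\HOW_TO_RESTORE.txt",
    r"C:\Users\a\Desktop\invoice.pdf.locked9",
    r"C:\Users\a\Desktop\HOW_TO_RESTORE.txt",
    r"C:\Users\a\Desktop\old.jpg.bak",      # benign: single backup copy
    r"C:\Users\a\Desktop\todo.txt",         # benign: note in one folder only
    r"C:\Users\a\Downloads\setup.tar.gz",   # benign: '.tar' is not a data extension
]

if __name__ == "__main__":
    print(appended_suffixes(SAMPLE), repeated_notes(SAMPLE))
```

Either result being non-empty is a reason to isolate the machine and check backups before the damage reaches other folders or shares.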

Because of the security around its data-locking feature, freely decrypting anything that the OGDO Ransomware's family locks is a rarity for victims. Malware researchers recommend backups on other, secure devices as an excellent means of protection against the OGDO Ransomware's attacks and those of all other Ransomware-as-a-Service families. Windows users are the most pertinent demographic for the OGDO Ransomware, as they are for most Trojans with these features.

Pushing the STOP Ransomware to Live Out Its Name

Secure backups on USB devices, password-protected NAS, and cloud services can keep most file-locker Trojans from having any bargaining leverage. In contrast, paying ransoms as per the OGDO Ransomware's instructions may or may not offer any decryption solution in exchange. Even if the OGDO Ransomware defaults to its 'less secure' encryption, which uses an internal RSA key, most victims will have no way to recover their files for free.

Windows users at home and in workplaces should also take precautions that eliminate significant security vulnerabilities that could help spread the OGDO Ransomware. Strong passwords, disabling features like documents' macros or browsers' JavaScript, and installing software updates will assist with this goal. File-locker Trojans may install themselves through various methods, but most exploits require some accidental help from the victim.

Dedicated anti-malware services have long-confirmed detection metrics for the STOP Ransomware and its many members. Assuming that at least one such service is running, it should block and delete the OGDO Ransomware automatically, before users experience the file-locking attack.

The STOP Ransomware might be the most ironically named of families, but such wordplay is part and parcel of the Trojan trade. The OGDO Ransomware, as another random iteration of it, is just as threatening, and just as disposable, as a hundred others, from the Jope Ransomware and the Djvu Ransomware to the Rumba Ransomware and the Boop Ransomware.
