First, the operators spreading Clop ransomware have been found making the file-encrypting malware more sophisticated. In a recent discovery, SentinelLabs security researcher Vitali Kremez found that the ransomware has evolved a new capability: it disables the onboard security software and then encrypts the entire Windows machine.
“Clop Ransomware, after installation, starts a small program on the victim machine that disables security software like Malwarebytes and then steals data and then locks down the entire system from access until a ransom is paid,” said Kremez from SentinelLabs.
It does so by altering registry values and then disabling Windows Defender. It gradually attacks the functioning of behavior monitoring, real-time protection and other security settings and then neutralizes them, Kremez added.
Only training, a layered defensive approach and a backup plan can save companies that run their computer systems on Windows, experts say.
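A defender-side check for the registry changes described above, as an added example that is not from the article or from SentinelLabs: it scans registry value-set events and reports any process that switches off two or more Windows Defender protections on one host. The policy value names are standard Defender settings assumed here (the article does not list them), and the events are constructed samples shaped like Sysmon Event ID 13 records.

```python
import re
from collections import defaultdict

# Assumption: standard Windows Defender policy key and value names; the
# article does not list the exact registry values Clop changes.
POLICY_ROOT = "hklm\\software\\policies\\microsoft\\windows defender\\"
DISABLE_VALUES = {
    "disableantispyware", "disablebehaviormonitoring",
    "disablerealtimemonitoring", "disableonaccessprotection",
    "disablescanonrealtimeenable",
}
DWORD_RE = re.compile(r"DWORD \((0x[0-9a-fA-F]+)\)")

def disabled_setting(event):
    """Return the Defender setting this event turns off, or None."""
    target = event["target"].lower()
    if not target.startswith(POLICY_ROOT):
        return None
    name = target.rsplit("\\", 1)[1]
    match = DWORD_RE.search(event["details"])
    # A value of 0 leaves the protection on; only non-zero writes count.
    if name in DISABLE_VALUES and match and int(match.group(1), 16) != 0:
        return name
    return None

def find_tampering(events, threshold=2):
    """Group hits by (host, process); keep those disabling >= threshold settings."""
    hits = defaultdict(set)
    for ev in events:
        name = disabled_setting(ev)
        if name:
            hits[(ev["host"], ev["image"])].add(name)
    return {k: sorted(v) for k, v in hits.items() if len(v) >= threshold}

# Constructed sample events: host, writing process, registry target, new value.
_DEF = r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender"
_RAW = [
    ("ws-01", r"C:\Temp\upd.exe", _DEF + r"\DisableAntiSpyware", "DWORD (0x00000001)"),
    ("ws-01", r"C:\Temp\upd.exe", _DEF + r"\Real-Time Protection\DisableBehaviorMonitoring", "DWORD (0x00000001)"),
    ("ws-01", r"C:\Temp\upd.exe", _DEF + r"\Real-Time Protection\DisableRealtimeMonitoring", "DWORD (0x00000001)"),
    ("ws-02", r"C:\Windows\System32\svchost.exe", _DEF + r"\DisableAntiSpyware", "DWORD (0x00000000)"),
    ("ws-03", r"C:\Tools\setup.exe", r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Updater", "C:\\Tools\\u.exe"),
]
SAMPLE_EVENTS = [dict(zip(("host", "image", "target", "details"), r)) for r in _RAW]

if __name__ == "__main__":
    for (host, image), names in find_tampering(SAMPLE_EVENTS).items():
        print(host, image, names)
```

The threshold of two is a tuning choice: a single policy write can be legitimate administration, while one process disabling several protections in sequence matches the behavior Kremez describes.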
Meanwhile, news is out that Huntsville City Schools will be closed on Tuesday and Wednesday because the servers offering digital services to staff and students were reportedly infected by ransomware.
At the time of writing, Huntsville school authorities have confirmed the closure of schools on Tuesday, but have not confirmed what is in store for the 24,000 students on Wednesday, as the IT staff has been working 24×7 to restore services to normal as soon as possible.
All parents have received robocalls (pre-recorded automated voice messages delivered by phone) asking them to have their children submit their laptops and Chromebooks to the school authorities, as this can help contain the spread of the malware over the network.
Craig Williams, the school spokesperson, confirmed the incident and urged students and teaching staff not to use their officially issued phones or computers until further notice.