SYMBOLCOMMON_NAMEaka. SYNONYMS
win.makop_ransomware (Back to overview)

Makop Ransomware

BeforeCrypt describes that MAKOP Ransomware first appeared in 2020 as an offshoot of the PHOBOS variant, and that it has infected a number of computers since then. Files encrypted by MAKOP often have the extension “.makop”. You may also notice that your desktop wallpaper has changed. MAKOP uses RSA encryption. There are no known free decryption tools capable of decrypting files encrypted by MAKOP.

References
2023-03-12Luca Mella
@online{mella:20230312:makop:66ffdb8, author = {Luca Mella}, title = {{Makop: The Toolkit of a Criminal Gang}}, date = {2023-03-12}, url = {https://medium.com/@lcam/makop-the-toolkit-of-a-criminal-gang-53cd44563c11}, language = {English}, urldate = {2023-03-13} } Makop: The Toolkit of a Criminal Gang
Makop Ransomware
2021-08-13LIFARSVlad Pasca
@techreport{pasca:20210813:makop:3945430, author = {Vlad Pasca}, title = {{Makop Ransomware}}, date = {2021-08-13}, institution = {LIFARS}, url = {https://lifars.com/wp-content/uploads/2021/08/Makop-Ransomware-Whitepaper-case-studyNEW-1.pdf}, language = {English}, urldate = {2022-01-20} } Makop Ransomware
Makop Ransomware
2021-02-01MicrosoftMicrosoft 365 Defender Threat Intelligence Team
@online{team:20210201:what:2e12897, author = {Microsoft 365 Defender Threat Intelligence Team}, title = {{What tracking an attacker email infrastructure tells us about persistent cybercriminal operations}}, date = {2021-02-01}, organization = {Microsoft}, url = {https://www.microsoft.com/security/blog/2021/02/01/what-tracking-an-attacker-email-infrastructure-tells-us-about-persistent-cybercriminal-operations/}, language = {English}, urldate = {2021-02-02} } What tracking an attacker email infrastructure tells us about persistent cybercriminal operations
Dridex Emotet Makop Ransomware SmokeLoader TrickBot
2020-01-27Twitter (@siri_urz)S!Ri
@online{sri:20200127:makop:078939c, author = {S!Ri}, title = {{Tweet on Makop Ransomware}}, date = {2020-01-27}, organization = {Twitter (@siri_urz)}, url = {https://twitter.com/siri_urz/status/1221797493849018368}, language = {English}, urldate = {2020-03-25} } Tweet on Makop Ransomware
Makop Ransomware

There is no Yara-Signature yet.