Security News > 2022 > October > New Azov data wiper tries to frame researchers and BleepingComputer
A new and destructive 'Azov Ransomware' data wiper is being heavily distributed through pirated software, key generators, and adware bundles, trying to frame well-known security researchers by claiming they are behind the attack.
As there is no way to contact the threat actors to pay a ransom, this malware should be treated as a destructive data wiper rather than ransomware.
While the threat actors claim they are doing this in support of Ukraine, BleepingComputer knows of a Ukrainian organization affected by this data wiper.
The wiper takes its name from the Ukrainian Azov Regiment, a controversial military force that allegedly associated with neo-Nazi ideology in the past.
In a new campaign started over the past two days, a threat actor appears to have purchased 'installs' through the SmokeLoader malware botnet to deliver the new destructive Azov wiper.
BleepingComputer is aware of victims being double-encrypted, first with Azov and then with STOP ransomware, as SmokeLoader delivered both simultaneously.