Security News > 2023 > July > Cybersecurity firm Sophos impersonated by new SophosEncrypt ransomware
Cybersecurity vendor Sophos is being impersonated by a new ransomware-as-a-service called SophosEncrypt, with the threat actors using the company name for their operation.
Discovered yesterday by MalwareHunterTeam, the ransomware was initially thought to be part of a red team exercise by Sophos.
"We found this on VT earlier and have been investigating. Our preliminary findings shows Sophos InterceptX protects against these ransomware samples," tweeted Sophos.
The ransomware encryptor is written in Rust and uses the 'C:UsersDubinin' path for its crates.
Internally, the ransomware is named 'sophos encrypt,' so it has been dubbed SophosEncrypt, with detections already added to ID Ransomware.
In each folder that a file is encrypted, the ransomware will create a ransom note named information.