"StopCrypt: Most Widely Distributed Ransomware Evolves to Evade Detection"
StopCrypt ransomware, also known as STOP Djvu, has evolved with a new multi-stage execution process that better evades detection by security tools. It is the most widely distributed ransomware in existence, typically targeting consumers instead of businesses. The ransomware operation's goal is to generate tens of thousands of small $400 to $1,000 ransom payments rather than a single large multi-million-dollar demand. The ransomware is mainly distributed through malvertising and malicious websites that deliver adware bundles disguised as free software, game cheats, and software cracks. However, once these programs are installed, users are infected with various malware, including password-stealing Trojans and STOP Djvu ransomware. This article continues to discuss findings regarding the new StopCrypt ransomware variant.
Bleeping Computer reports "StopCrypt: Most Widely Distributed Ransomware Evolves to Evade Detection"
Submitted by grigby1