Beware of this ransomware, it pretends to be a cybersecurity company - #SophosRAT
Three articles were published recently describing a new ransomware called SophosEncrypt. The ransomware impersonates the cybersecurity company Sophos in order to trick victims. The ransomware was first discovered encrypting files and displaying the Sophos logo as the desktop wallpaper while demanding a ransom payment. Researchers then analyzed the ransomware and found that it is ransomware-as-a-service written in Rust that uses strong encryption to lock files and has various capabilities like changing the desktop wallpaper. Although the ransomware checks for the Russian language and will not run on Russian systems, its command and control server location is unknown. Sophos researchers found that their antivirus products can block the ransomware.