Monday morning, you open the business and are horrified to discover that nothing is working. There is a note on the main computer screen…
Another victim of Makop Ransomware! If you don’t pay them, they can even shut down your business.
Professional hackers operate with profit in mind. They act without feeling, nor do they strike blindly. Instead, they possess immense patience, monitoring their potential victims for months and investing significant amounts of time and resources in their attacks.
Dozens of hacker groups choose to attack only “soft” targets, i.e., small and medium-sized businesses, due to the lack of comprehensive protection against cyberattacks. They get in easily, it costs them little, and they earn a lot.
What is Makop Ransomware?
Makop is malicious software that encrypts all files by adding its .makop extension to them while leaving a note in every compromised folder as well as on the computer’s desktop.
In the note, the perpetrators state that they have locked the files, emphasizing that if they are not paid to unlock them, they will either delete or leak them.
Indeed, all Makop victims experience the same issue: every time they attempt to open their files, it is impossible.
However, even if you pay the hackers, there are no guarantees that they will unlock your files, that they will not leak them, or that they will not return with greater demands.
Makop has proven particularly devastating for small and medium-sized businesses, causing serious operational problems and financial losses.
Hackers’ demands from small and medium-sized businesses range from just $250 to $15,000; from larger firms, they demand up to $40,000, but they always ask to be paid in cryptocurrency.
First Signs of Attack
During the encryption attack, your devices suddenly run very slowly, while unusual activity appears on the network as Makop ransomware communicates with its command and control servers.
It is worth noting that Makop is particularly dangerous because it has developed methods to bypass traditional antivirus software.
How does it attack?
Makop can “drill holes” into your infrastructure by exploiting vulnerabilities in the applications on your computers. This means that hackers have already “scanned” you.
While it has been observed several times that the installation of Makop occurs without the device owner having to do anything, for example, when they unknowingly visit malicious websites.
Makop can also arrive via emails containing infected attachments, as well as by exploiting the Remote Desktop Protocol.
Risk Assessment
Our experience in handling ransomware attacks shows that most businesses that were “hit” could have prevented the attack long before it even occurred.
A risk assessment of your infrastructure from Tictac will reveal where and how Makop can access your files and data. Based on the findings, we can jointly design the shielding of your network.
At the end of the day, two things matter: one is that you have data, that is, to withstand an attack, and the second is to make it difficult for hackers to reach your data.
If you are a small or medium-sized business and want to ensure your system’s security, contact the Tictac team today for a proactive Risk Assessment and shield your business before it’s too late.
How Tictac Cyber Security can help you
Our team at Tictac specializes in dealing with ransomware incidents. We offer:
- Immediate response with the Incident Response Engineer to your infrastructure
- Full Forensics investigation to identify the origin of the attack
- Assessment of decryption capabilities using all known tools and methods
- Managing negotiations with security and legal coverage
- Recovery of operations through Disaster Recovery Plan
- Planning preventive measures for the future (Zero Trust Architecture, EDR, Immutable Storage)
- Management of Legal actions and reports to the competent authorities
