STOP Ransomware is Cracking Passwords

A new twist on an existing version of ransomware has users rightly concerned that not only has their device data been hijacked and encrypted, but now passwords to all their accounts are also at risk. The ransomware called STOP was recently discovered with variants of the Azorult Trojan. Azorult cracks the user's passwords–just in case being hit by ransomware wasn’t enough of a blow. The term “cracking” refers to computer hacking with the malicious intent of stealing passwords and other data aimed at hijacking large amounts of a user’s private information. Thanks to ransomware attacks combined with Azorult malware, it’s a double-punch for victims finding themselves in a bad situation that just got a whole lot worse.

The Azorult Trojan is the malware infection now being attached to the STOP ransomware. It’s designed to steal passwords and usernames from a system, stored in places like browsers and their histories, cryptocurrency wallets, Skype message history, desktop files, and much more. Once stolen, it’s uploaded to a remote server run by the hacker. Unfortunately for the user public, cybersecurity professionals find Azorult is becoming a prolific extension of STOP ransomware. STOP typically gets downloaded through the usual malware routes–email phishing, fake updates, sideloading software, and other cybersecurity no-no’s. By now, we should all know better about avoiding malware of all types–but then, we’re only human.

Keeping safe from STOP ransomware, especially with the dreaded Azorult addition, is something users have the ability to curb by using cybersecurity smarts. If you think you’ve already been hit by STOP and Azorult, stop! Security pros have some great hints to minimize the damage going forward.

  • Immediately change account passwords, especially those stored in your browser. Always make sure passwords are lengthy and very difficult to crack. They should always include upper and lowercase letters, a number or more, a special character or more, and be unique to each online account.
  • Change passwords found in all software like Skype, Telegram, Steam, and File Transport Protocols (FTP). Again, follow the strong password guidelines.
  • Regularly backup files and applications. This will allow you to restore from one of those copies, should any ransomware strike.

Paying a ransom is not advised by the FBI or security professionals. It only encourages more attacks. If you have your data backed-up, there’s no reason to pay a ransom to have it restored–you can do it yourself. Besides, there is never a guarantee any decryption software or technique sent to you by a hacker is really going to get your data back; and in most cases, you won’t.