Sophos identifies connection between Mount Locker and Astro Locker team ransomware
Sophos published a new report on a recently uncovered connection between the Mount Locker ransomware group and a new group, called “Astro Locker Team.”
In a nutshell, Sophos recently detected ransomware targeting an organization’s unprotected machines that had all the hallmarks of Mount Locker ransomware. However, when they followed the link in the ransom note to the attackers’ chat/support site, Sophos incident responders found themselves faced with a near-unknown group calling itself “AstroLocker Team” or “Astro Locker Team.” Astro Locker appears to be a new ransomware family – but appearances can be deceptive.