Security researchers observed that Ako ransomware is using malicious spam attachments to go after organizations’ networks.
On January 14, AppRiver Senior Cybersecurity Analyst David Pickett contacted Bleeping Computer and told the computer self-help site that his company had observed Ako being distributed via spam email.
Using subject lines such as “Agreement 2020 #1775505,” the attack emails instructed recipients to open a password-protected .zip archive in order to view an agreement. That archive contained an executable named “agreement.scr” that installed the ransomware upon execution.