Makop ransomware: GuLoader and privilege escalation in attacks against Indian businesses
Makop ransomware, a variant of Phobos, is targeting Indian businesses by exploiting exposed RDP systems and using tools like GuLoader to deliver secondary payloads. The attacks involve network scanning, privilege escalation using various exploits, and defense evasion techniques. A significant portion of the incidents occur in India.