Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

This new ransomware campaign wants millions of dollars to get your files back

Ransomware

A new ransomware threat actor has been reported targeting large corporations and demanding huge payouts in exchange for the decryption key and for not leaking sensitive data stolen in the attack.

Calling itself Money Message, the group was first reported on the BleepingComputer forums in the last days of March, with cybersecurity researchers from Zscaler ThreatLabs also flagging the potential threat soon after, as well. 

So far, the group listed two victims on its data leak site, one of which is allegedly an Asian airline with almost a billion dollars in annual revenue. Apparently, the group demanded $1 million in exchange for the decryptor and for keeping the data to themselves. 

Short on details

BleepingComputer says there is evidence of the group being behind a ransomware attack on a “well-known computer hardware vendor”, but nothing is conclusive just yet. 

The publication claims the encryptor “does not appear sophisticated”, but still gets the job done, encrypting all endpoints across target networks, and siphoning out sensitive data.

Besides Business Email Compromise, ransomware is one of the most popular and disruptive forms of cyberattack out there. Many groups, such as LockBit, REvil, or Black Basta, have repeatedly targeted not just commercial businesses, but government organizations and critical infrastructure, prompting governments around the world to act. 

After a number of arrests and hardware confiscations, most ransomware operators publicly stated they would not target critical infrastructure operators or healthcare organizations. 

This year, one of the biggest ransomware attacks happened when a Russian group called Clop found a zero-day vulnerability in GoAnywhere MFT and used it to infect, as it claims, 130 organizations around the world. So far, dozens of firms confirmed suffering from a ransomware attack at the hands of Clop, including the Hatch Bank, Hitachi Energy, Saks Fifth Avenue, Procter & Gamble, and others. 

Via: BleepingComputer

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.