During trend Micro researchers monitoring of the ransomware threat landscape, they discovered samples with infection chain characteristics and payloads that can be attributed to FOG ransomware.
A total of nine samples were uploaded to VirusTotal between March 27 and April 2, which the researchers recently discovered were multiple ransomware binaries with .flocked extension and readme.txt notes. Trend Micro observed that these samples initially dropped a note containing key names related to the Department of Government Efficiency (DOGE), an initiative of the current US administration that has been making headlines, recently about a member who allegedly assisted a cybercrime group involved in data theft and cyberstalking an agent of the Federal Bureau of Investigation (FBI). The note also contains instructions to spread the ransomware payload to other computers by pasting the provided code in the note.
Read more…
Source: Trend Micro
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Hackers are scanning computers worldwide for open Bitcoin and Ethereum wallets…
November 27, 2017
Security researcher Didier Stevens setup a trap, or in digital security terms – a “honeypot”. Think of it as digital sting operation, where someone puts a server online open to attack – but nothing of value is really there, it’s only there to record the attacks as they happen. The logs of these honeypots revealed hackers ...
- Physical Theft Meets Cybercrime: The Illicit Business of Selling Stolen Apple Devices
November 15, 2017
Online scams and physical crimes are known to intersect. In an incident last May, we uncovered a modus operandi and the tools they can use to break open iCloud accounts to unlock stolen iPhones. Further research into their crossover revealed how deep it runs. There’s actually a sizeable global market for stolen mobile phones—and by extension, ...
- New IcedID Trojan Targets US Banks
November 13, 2017
Researchers are warning users about a wave of recent attacks targeting U.S. financial institutions that leverage a new banking Trojan dubbed IcedID. The IcedID Trojan was spotted in September by researchers at IBM’s X-Force Research team. They said the Trojan has several standout techniques and procedures, such as the ability to spread over a network and ...
- Russian ‘Fancy Bear’ Hackers Using (Unpatched) Microsoft Office DDE Exploit
November 8, 2017
Cybercriminals, including state-sponsored hackers, have started actively exploiting a newly discovered Microsoft Office vulnerability that Microsoft does not consider as a security issue and has already denied to patch it. Last month, we reported how hackers could leverage a built-in feature of Microsoft Office feature, called Dynamic Data Exchange (DDE), to perform code execution on the targeted device ...
- Fast-growing cyber crime threatens financial sector: Europol
November 8, 2017
The “remorseless” growth of cyber crime is leading to 4,000 ransom attacks a day and gangs’ technological capability now threatens critical parts of the financial sector, the head of Europol said on Wednesday. Online criminals have become so sophisticated that gangs have created “conglomerations” with company structures that specialize in different criminal activities to carry out ...
- Hacker Distributes Backdoored IoT Vulnerability Scanning Script to Hack Script Kiddies
November 8, 2017
Nothing is free in this world. If you are searching for free hacking tools on the Internet, then beware—most freely available tools, claiming to be the swiss army knife for hackers, are nothing but a scam. For example, Cobian RAT and a Facebook hacking tool that we previously reported on The Hacker News actually could hack, but of the one who ...