Ransomware, Threat Management

Ransomware gang Money Message emerges with global reach

Share

BleepingComputer reports that a new ransomware gang called Money Message has emerged, with the first victim identifying themselves on March 28. The gang appears to target victims from around the world and demands that victims pay millions of dollars in ransom in exchange for their data not being leaked and being provided with a decryptor. The threat actor has so far claimed to have hit two victims on its extortion website, including an Asian airline that earns nearly $1 billion in annual revenue. Investigations revealed that Money Message uses an encryptor written in C++ and includes an embedded JSON configuration file that determines the type of encryption to be used on a device, as well as which items to block from encryption, which extensions to append, which services and processes are terminated and whether or not logging is enabled. A security researcher on Twitter observed that the encryptor uses ChaCha20/ECDH encryption. The encryptor does not appear to be sophisticated, and yet it is confirmed to have been used successfully in numerous data theft and encryption campaigns by the gang.

Ransomware gang Money Message emerges with global reach

BleepingComputer reports that a new ransomware gang called Money Message has emerged, with the first victim identifying themselves on March 28.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.