On the threat landscape in recent years, alarming numbers of ransomware groups sprung up. This is just as mushrooms grow from the ground after a shower.
In recent months, an emerging ransomware group called ‘Money Message’ has appeared. This group targets victims worldwide and demands ransoms of up to a million dollars to safeguard confidential data. In addition to the Chinese airline with annual revenue of approximately $1 billion, there have been at least two other victims of the group’s activities. A screenshot of the accessed file system is provided as proof that the group claims to have stolen data from the company. After that, five more successful ransomware attacks have been reported, the latest being on April 4.
Money Message has currently listed two victims on its leak site – an Asian airline with over $1 billion in assets and an unnamed vendor of computer hardware that deals in personal computers. Ransomware encryptors are also written in C++ and contain a JSON configuration file embedded into the code. This file is used to determine the encryption process on the victim’s device.
In this configuration file, you can specify which folders will be blocked from encryption by this setting. As part of this document, you will also find information regarding what extensions should be added, what services and processes should be terminated, whether logging is enabled, as wel
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: