ZELJKA ZORZ
A number of ransomware gangs have stopped using malware to encrypt targets’ files and have switched to a data theft/extortion approach to get paid; 0mega – a low-profile and seemingly not very active threat actor – seems to be among them.
0mega (spelled with a zero) is a relative newcomer to the ransomware/extortion business.
Evidence of its activities were first spotted roughly a year ago, when one victim – a UK-based electronics repair and refurbishment company – apparently refused to pay and the gang leaked company data on its dedicated leak site.
The gang used ransomware that added the “.0mega” extension to encrypted files, but a sample of the malware hasn’t been found.
Since then, stolen data of two additional victims has been leaked.
Of course, the fact that the leak site only lists a few victims does not mean there haven’t been many others. One victim organization’s data was leaked and then removed, according to Lawrence Abrams.
Read the full article on Help Net Security.
Start in minutes and secure your critical SaaS applications with continuous monitoring and data-driven insights.