This new ransomware campaign wants millions of dollars to get your files back

Ransomware
(Image credit: Pixabay)

A new ransomware threat actor has been reported targeting large corporations and demanding huge payouts in exchange for the decryption key and for not leaking sensitive data stolen in the attack.

Calling itself Money Message, the group was first reported on the BleepingComputer forums in the last days of March, with cybersecurity researchers from Zscaler ThreatLabs also flagging the potential threat soon after, as well. 

So far, the group listed two victims on its data leak site, one of which is allegedly an Asian airline with almost a billion dollars in annual revenue. Apparently, the group demanded $1 million in exchange for the decryptor and for keeping the data to themselves. 

Short on details

BleepingComputer says there is evidence of the group being behind a ransomware attack on a “well-known computer hardware vendor”, but nothing is conclusive just yet. 

The publication claims the encryptor “does not appear sophisticated”, but still gets the job done, encrypting all endpoints across target networks, and siphoning out sensitive data.

Besides Business Email Compromise, ransomware is one of the most popular and disruptive forms of cyberattack out there. Many groups, such as LockBit, REvil, or Black Basta, have repeatedly targeted not just commercial businesses, but government organizations and critical infrastructure, prompting governments around the world to act. 

After a number of arrests and hardware confiscations, most ransomware operators publicly stated they would not target critical infrastructure operators or healthcare organizations. 

This year, one of the biggest ransomware attacks happened when a Russian group called Clop found a zero-day vulnerability in GoAnywhere MFT and used it to infect, as it claims, 130 organizations around the world. So far, dozens of firms confirmed suffering from a ransomware attack at the hands of Clop, including the Hatch Bank, Hitachi Energy, Saks Fifth Avenue, Procter & Gamble, and others. 

Via: BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
A group of 7 hackers, 6 slightly blurred in the background and one in the foreground, all wearing black with hoods pulled up over their heads. You cannot see their faces. The hacker in the foreground sits with an open laptop in front of them. The background, behind the hackers, is a Chinese flag
China government-linked hackers caught running a seriously dangerous ransomware scam
Image of laptop infected with malware
Ransomware criminals are now sending their demands...by snail mail?
A person at a laptop with a cybersecure lock symbol floating above it.
Cybercrime gang targets victims with "triple threat" attacks
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
More reports claim 2024 was the worst year for ransomware attacks yet
Code Skull
This dangerous new ransomware is hitting Windows, ARM, ESXi systems
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
Less than half of ransomware incidents end in payment - but you should still be on your guard
Latest in Security
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
URL phishing
HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
Ransomware
Cl0p resurgence drives ransomware attacks to new highs in 2025
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak
A major Keenetic router data leak could put a million households at risk
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
Latest in News
Xbox Series X and Xbox wireless controller set to a green background
Xbox Insiders are currently testing a new Game Hub feature that looks useful, but I've got mixed feelings about it
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Microsoft Surface Laptop and Surface Pro devices on a table.
Hate Windows 11’s search? Microsoft is fixing it with AI, and that almost makes me want to buy a Copilot+ PC
Oura Ring 4
Activity tracking on Oura Ring is about to get a whole lot better, but I've got bad news about your step count
Google Pixel Buds Pro 2
Cleaned your Pixel Buds Pro 2 recently? If not, you might be getting worse sound
Google Maps on a phone being held in someone's hand
Google Maps is getting two key upgrades, for easier route planning and quicker access to Gemini AI