FOG Ransomware Spread by Cybercriminals Claiming Ties to DOGE
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
An investigation of nine malware samples revealed FOG ransomware being distributed by cybercriminals impersonating the Department of Government Efficiency (DOGE). The ransomware, spread via email and phishing attacks, is concealed in a ZIP file named 'Pay Adjustment.zip'. The infection chain involves a multi-stage operation, downloading various scripts and executables. The ransomware checks for sandbox environments, decrypts its payload, and drops a ransom note. FOG ransomware has targeted multiple sectors, including technology, education, manufacturing, and transportation. The campaign either involves original FOG operators using DOGE references to troll users or other actors embedding FOG ransomware for impersonation purposes.
OPENCTI LABELS :
phishing,ransomware,data exfiltration,sandbox evasion,multi-stage,foggyweb,privilege escalation,doge
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
FOG Ransomware Spread by Cybercriminals Claiming Ties to DOGE