Ransomware Gang Takes Page From Elon's 'What Did You Do This Week' DOGE Emails
PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.
A ransomware gang is channeling Elon Musk's Department of Government Efficiency by taunting victims with ransom notes that demand to know what they've "accomplished for work" in the last week.
The FOG ransomware group has been distributing the DOGE-themed notes in recent weeks, according to malware samples that cybersecurity vendor Trend Micro discovered on the file-scanning service VirusTotal. 'We observed that these samples initially dropped a note containing key names related to the Department of Government Efficiency (DOGE),' Trend Micro says.
The ransom notes also allude to Edward Coristine, who uses the online alias 'Big Balls." He reportedly has a history with cybercriminal groups, but was still appointed to Musk's DOGE team. A separate cybersecurity firm, Cyble, spotted the same attack generating a pop-up on computers that says 'DOGE BIG BALLS RANSOMWARE.'
The FOG ransomware gang appears to be spreading its attack through phishing emails with an attachment titled "Pay Adjustment.zip." If opened, the attachment will download and execute a PowerShell script designed to load the ransomware loader in "cwiper.exe," along with other malicious programs.
"It also opens politically themed YouTube videos and includes written political commentary directly in the script,' Trend Micro notes. The attack is designed to gather data on the victim's PC before encrypting the files, and then leaving a ransom note, demanding the victim pay approximately $1,000 in the Monero cryptocurrency.
According to Cyble, the ransom note, titled RANSOMNOTE.txt, introduces the threat actor as 'Edward Coristine,' and lists his purported home address and phone number. The note then echoes Elon Musk's recent emails to federal workers and demand that victims justify their productivity by listing their weekly accomplishments.
'Give me five bullet points on what you accomplished for work last week or you owe me a TRILLION dollars,' the ransom note from the FOG gang says.
'The use of Coristine's name and the 'DOGE' reference in the ransomware could be a tactic to malign him and the DOGE initiative,' Cyble adds.
In the ransom note, the FOG group also claims they'll decrypt the files for free, but only if the victim spreads the ransomware attack to another victim.
'FOG ransomware is a relatively new ransomware family that enterprises must add to their watchlist,' Trend Micro warns. The gang claims to have attacked over 100 victims, including organizations in the education, manufacturing, and transportation sectors, since January.
Meanwhile, the official "what did you do this week" emails from DOGE are reportedly a bust. The Washington Post reports that the Office of Personnel Management basically told HR officials across the government that the emails are voluntary and that the agency didn't plan to do anything with the emails that were submitted.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
27 minutes ago
- Yahoo
Tesla's Texas robotaxi launch: Expect it to be 'low-key'
Tesla's (TSLA) robotaxi will tentatively launch in Austin, Texas, on June 22, according to CEO Elon Musk. CFRA analyst Garrett Nelson thinks this launch will be more of a "low-key" event compared to its big "Cybercab" debut last year. IN the video above, you can hear more of Nelson's take on the launch and why he thinks the stock has some near-term headwinds. To watch more expert insights and analysis on the latest market action, check out more Catalysts here. What are you expecting from this robo taxi launch? Yeah, thanks for having me. We think it's going to be a lot more low-key than the robo taxi day that Tesla held in Los Angeles last October, which was on a Hollywood movie set, very different type of production. I think this is going to be much more low-key. October or sorry, June 22nd is a Sunday, which is very unusual to have a major product launch, but I don't think that's a coincidence. So, I think it's, you know, expectations are high coming into this, but I think the key is really what happens in the three to six months following this event. So, initially, it's only going to be maybe a dozen or so model wise with the most recent version of full self-driving installed on them, operating in a geofenced area of Austin with the vehicle being supervised remotely as well. So, I think a lot of people are going to say, well, why is this so special? You know, what is Tesla doing here that Waymo isn't already doing with the robo taxis that they are operating in Austin. And I think people are going to look at the size of the geofenced area. Waymos is 37 square miles. How quickly they can expand that geofenced area, and then how quickly they can increase the number of vehicles on the roads and also then expand to other markets. What is the time framing for that scaling that would lead you to then raise your own rating and expectations on the stock? Well, Elon Musk thinks they can have maybe a thousand or so on the road by the end of this summer. It seems a bit optimistic, but we'll see. Our main concerns with this stock right now are number one valuation, given this really dramatic rebound since their first quarter earnings release in April. The stock is up, you know, about 100 points from when they reported earnings, only six or seven weeks ago. So, it's valuation at north of 110 times our EPS estimate for next year, but also ongoing market share losses across their three major markets of China, Europe, and the US. That has continued. You look at the China data, Tesla sales were down 15% in May. Meanwhile, total EV sales were up 38% in China. So, in Europe and the US, it's kind of a similar story. So, those near-term issues really concern us here. We know we're right around the corner from their second quarter deliveries report, which will happen in about three weeks. I don't think that's going to be a great release. And so there's some major near-term challenges and valuation being an issue for us also. In addition to the Big Beautiful Bill, in which Tesla will be losing their tax credits, not only on EVs, but for energy storage and solar products as well.
New York Post
27 minutes ago
- New York Post
Elon Musk's Tesla sues former Optimus robot engineer for allegedly stealing trade secrets
Elon Musk's Tesla is suing one of its former engineers for allegedly stealing trade secrets related to its highly anticipated Optimus humanoid robot. The defendant is Zhongjie 'Jay' Li, who cofounded the humanoid robot startup Proception Inc. after working at Tesla from Aug. 2022 to Sept. 2024, according to the complaint filed in San Francisco federal court on Wednesday. The lawsuit alleges Li, who worked on 'advanced robotic hand sensors—and was entrusted with some of the most sensitive technical data in the program,' downloaded Optimus files onto two smartphones. 3 A former engineer is accused of using Optimus technology to create his own startup. REUTERS Li started Proception less than a week after leaving Tesla and the startup claimed to have built humanoid robot hands with a 'striking resemblance' to Optimus just five months later. 'Rather than build through legitimate innovation, trial, and technical rigor, Defendants took a shortcut: theft,' the lawsuit says. 'They misappropriated Tesla's most sensitive materials, sidestepped the laborious process of development, and launched a company based not on original discovery, but on stolen work.' Tesla is seeking unspecified 'compensatory and exemplary damages' against Li, as well an order barring Li and his associates from using any of the company's trade secrets. The company also requested a jury trial in the case. Proception is based in Palo Alto, Calif., according to its LinkedIn page. Li lists himself as founder and CEO of the startup, which he says is 'tackling one of the most challenging and exciting humanoid projects of our time.' Li did not immediately return a request for comment on the lawsuit. In the suit, Tesla's attorneys said that successfully building an advanced robotic hand is 'among the most challenging' tasks in robotics. 3 Elon Musk has said Optimus is key to Tesla's future. AP 'Although Tesla does not disclose the precise year-over-year investments in Optimus, the research and development costs are in the billions of dollars,' the lawsuit says. 'Such an ambitious project demands unparalleled expertise and substantial time and financial commitment to achieve even incremental progress.' Musk has repeatedly described Tesla's Optimus robot as key to the company's long-term health and growth. The billionaire specifically touted Optimus's advanced robotic hand during the company's earnings call in January. 3 The Optimus humanoid robot is still in production at Tesla. Stanislav Kogiku/SOPA Images/Shutterstock 'My prediction long-term is that Optimus will be overwhelmingly the value of the company,' Musk said at the time. Bloomberg was first to report on the lawsuit.
Yahoo
37 minutes ago
- Yahoo
The Dawn Project and Tesla Takedown to Demonstrate the Danger Tesla Full Self-Driving Poses to Children in Live Austin Safety Tests
AUSTIN, Texas, June 12, 2025 (GLOBE NEWSWIRE) -- Public safety advocacy group The Dawn Project is collaborating with Tesla Takedown to demonstrate the critical safety defects of Tesla's Full Self-Driving software in a live demonstration in Downtown Austin today. The Dawn Project, in partnership with Tesla Takedown and ResistAustin, will demonstrate that the latest version of Tesla Full Self-Driving, version 13.2.9, will run down a child crossing the road while illegally blowing past a stopped school bus with its red lights flashing and stop sign extended. The event will begin at 11am CDT on Thursday 12 June at the intersection of Camacho and Mattie Streets by Mueller Park in Austin and the media and public are encouraged to attend. The organizations are choosing to conduct the demonstration on 12 June as it is the day which Bloomberg reported would mark the beginning of Tesla's Robotaxi service in Austin. Tesla has failed to meet this reported deadline and this week Elon Musk 'tentatively' set a new public launch date of 22 June. Tesla is also headquartered in Austin. Both The Dawn Project and Tesla Takedown are calling for a boycott of Tesla. For the past two years The Dawn Project has urged the public not to buy new Tesla vehicles and to sell their Tesla shares until the automaker fixes the safety critical defects in 'Full Self-Driving' and Tesla conclusively demonstrates that it is safe for use on public roads. Tesla Takedown has organized nationwide protests against Elon Musk and Tesla in recent months. The Dawn Project first warned Tesla that Full Self-Driving would illegally overtake stopped school buses in November 2022, via a full-page ad campaign in The New York Times. Tesla took no action to address the issue. The Dawn Project subsequently broadcasted a Super Bowl Commercial in February 2023 showing video footage of Tesla Full Self-Driving blowing past stopped school buses. Tesla still did nothing. Elon Musk's reaction was to crow on Twitter that the shocking footage would 'greatly increase public awareness that a Tesla can drive itself'. In March 2023, just one month after The Dawn Project's Super Bowl PSA, a self-driving Tesla illegally blew past a stopped school bus in North Carolina and struck a child, who was hospitalized with a fractured neck and broken leg. Commenting on the collaboration with Tesla Takedown, Founder of The Dawn Project Dan O'Dowd said: 'Self-driving software that illegally blows past stopped school buses and runs down children crossing the road must be banned immediately. Tesla's failure to address this critical safety defect demonstrates Elon Musk's utter negligence and contempt for public safety. If Tesla's engineers cannot fix this egregiously dangerous safety defect, they should be fired. If they can fix it but are choosing not to, they should be prosecuted. 'The National Highway Traffic Safety Administration must step up and ban Full Self-Driving from public roads to protect children. It is disappointing that the federal regulator in charge of road safety has taken no action to hold Tesla accountable. NHTSA must do its job and ban Tesla's defective Full Self-Driving technology from public roads before a child is killed.' A spokesperson for Tesla Takedown commented: 'The government is failing to protect children from Tesla Full Self-Driving by allowing Tesla to test defective software on public roads. It is time for the public to step up to keep children safe from Tesla Full Self-Driving. The only way to stop Elon Musk's reckless self-driving experiments is to boycott Tesla.' ResistAustin organizer, Nevin Kamath, commented: "Austinites are not Elon's personal crash-test dummies. ResistAustin is appalled that Musk chose our town as the launching pad for this dangerous technology and we encourage the people of Austin to boycott this dangerous service." CONTACT: Contact: Arthur Maltin, arthur@ / dawnproject@ / (+1) 805-335-7807
