Ransomware Gang Takes Page From Elon's 'What Did You Do This Week' DOGE Emails
A ransomware gang is channeling Elon Musk's Department of Government Efficiency by taunting victims with ransom notes that demand to know what they've "accomplished for work" in the last week.
The FOG ransomware group has been distributing the DOGE-themed notes in recent weeks, according to malware samples that cybersecurity vendor Trend Micro discovered on the file-scanning service VirusTotal. 'We observed that these samples initially dropped a note containing key names related to the Department of Government Efficiency (DOGE),' Trend Micro says.
The ransom notes also allude to Edward Coristine, who uses the online alias 'Big Balls." He reportedly has a history with cybercriminal groups, but was still appointed to Musk's DOGE team. A separate cybersecurity firm, Cyble, spotted the same attack generating a pop-up on computers that says 'DOGE BIG BALLS RANSOMWARE.'
The FOG ransomware gang appears to be spreading its attack through phishing emails with an attachment titled "Pay Adjustment.zip." If opened, the attachment will download and execute a PowerShell script designed to load the ransomware loader in "cwiper.exe," along with other malicious programs.
"It also opens politically themed YouTube videos and includes written political commentary directly in the script,' Trend Micro notes. The attack is designed to gather data on the victim's PC before encrypting the files, and then leaving a ransom note, demanding the victim pay approximately $1,000 in the Monero cryptocurrency.
According to Cyble, the ransom note, titled RANSOMNOTE.txt, introduces the threat actor as 'Edward Coristine,' and lists his purported home address and phone number. The note then echoes Elon Musk's recent emails to federal workers and demand that victims justify their productivity by listing their weekly accomplishments.
'Give me five bullet points on what you accomplished for work last week or you owe me a TRILLION dollars,' the ransom note from the FOG gang says.
'The use of Coristine's name and the 'DOGE' reference in the ransomware could be a tactic to malign him and the DOGE initiative,' Cyble adds.
In the ransom note, the FOG group also claims they'll decrypt the files for free, but only if the victim spreads the ransomware attack to another victim.
'FOG ransomware is a relatively new ransomware family that enterprises must add to their watchlist,' Trend Micro warns. The gang claims to have attacked over 100 victims, including organizations in the education, manufacturing, and transportation sectors, since January.
Meanwhile, the official "what did you do this week" emails from DOGE are reportedly a bust. The Washington Post reports that the Office of Personnel Management basically told HR officials across the government that the emails are voluntary and that the agency didn't plan to do anything with the emails that were submitted.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Business Insider
an hour ago
- Business Insider
Federal regulators probe Tesla over not properly reporting crashes involving Autopilot and Full Self-Driving
Tesla is once again in the crosshairs of federal regulators. The National Highway Traffic Safety Administration announced Wednesday that it is investigating allegations that Tesla is not correctly reporting crashes involving its Autopilot and Full Self-Driving systems. In the probe notice, the NHTSA said that car companies are required to report crashes involving autonomous or advanced driver assistance systems within five days of being notified of them. The regulator alleged that Tesla submitted reports months after the incident, sometimes in batches or on a rolling basis. "Preliminary engagement between [Office of Defects Investigation] and Tesla on the issue indicates that the timing of the reports was due to an issue with Tesla's data collection, which, according to Tesla, has now been fixed," according to the NHTSA's notice. "NHTSA is opening this Audit Query, a standard process for reviewing compliance with legal requirements, to evaluate the cause of the potential delays in reporting, the scope of any such delays, and the mitigations that Tesla has developed to address them." The NHTSA did not immediately respond to a request for comment. Dan O'Dowd, founder of The Dawn Project, a tech safety advocacy group, pointed out to Business Insider that according to Tesla's crash-counting methodology listed on its website, the company only counts crashes involving airbag deployments and if Autopilot was engaged within five seconds before the crash. Tesla did not immediately respond to a request for comment. In 2022, the NHTSA said it was investigating Tesla's Model 3 and Model Y vehicles over an alleged phenomenon known as " phantom braking," which is when the vehicle suddenly slams on the brakes for no reason, often at high speeds. In 2020, Tesla CEO Elon Musk said on what was then Twitter that phantom braking would be fixed in a coming software update, but he has not commented further since then. On August 1, a Florida judge ordered Tesla to pay $242 million in damages after finding the EV partly to blame for a 2019 crash that killed a 22-year-old woman and seriously injured her boyfriend. The driver was using Autopilot and had briefly looked away when the crash took place. Musk said on X that the company would appeal the decision. Another lawsuit brought by California's Department of Motor Vehicles alleges that Tesla's use of language in advertising Autopilot and FSD has misled consumers into thinking the vehicles are more autonomous than they really are. The case could see Tesla's right to sell in California suspended for at least 30 days. Attorney Matthew Benedetto, a member of Tesla's legal team, denied the allegations and told an administrative judge last month that the company informed customers that they "cannot fully rely" on FSD or Autopilot.
Yahoo
an hour ago
- Yahoo
OpenAI lawyers question Meta's role in Elon Musk's $97B takeover bid
OpenAI is asking Meta to produce evidence related to any coordination with Elon Musk and xAI to acquire or invest in the ChatGPT-maker. The request was made public in a brief filed Thursday in Elon Musk's ongoing lawsuit against OpenAI. Lawyers representing OpenAI said they subpoenaed Meta in June for documents related to its potential involvement in Musk's unsolicited, $97 billion bid to takeover the startup in February. It's unclear from the filing whether such evidence exists. OpenAI's lawyers say they discovered that Musk communicated with Meta CEO Mark Zuckerberg concerning xAI's bid to purchase the ChatGPT-maker, including 'about potential financing arrangements or investments.' Meta objected to OpenAI's initial subpoena in July; the ChatGPT-maker's lawyers are now seeking a court order to obtain such evidence. OpenAI is also asking the court for any of Meta's documents and communications related to 'any actual or potential restructuring or recapitalization of OpenAI' — the core issue in Musk's lawsuit against OpenAI. In the background of OpenAI's fight with Elon Musk, Meta has significantly invested in its own efforts to develop frontier AI models. That effort has included poaching several of OpenAI's leading AI researchers, including a co-creator of ChatGPT, Shengjia Zhao, who now leads research efforts at Meta Superintelligence Labs, the company's newest AI unit. Meta also invested $14 billion in Scale AI, and reportedly approached several other AI labs about acquisition deals. Lawyers representing Meta asked the court to reject OpenAI's request for evidence, arguing that Musk and xAI can provide any relevant information. Meta also argues that its internal discussions of OpenAI's restructuring and recapitalization are not relevant to the case. This is a developing story… Check back for updates.
TechCrunch
2 hours ago
- TechCrunch
OpenAI lawyers question Meta's role in Elon Musk's $97B takeover bid
OpenAI is asking Meta to produce evidence related to any coordination with Elon Musk and xAI to acquire or invest in the ChatGPT-maker. The request was made public in a brief filed Thursday in Elon Musk's ongoing lawsuit against OpenAI. Lawyers representing OpenAI said they subpoenaed Meta in June over its potential involvement in Musk's unsolicited, $97 billion bid to takeover the startup in February. It's unclear from the filing whether such documents and communications exist. OpenAI's lawyers say they discovered that Musk communicated with Meta CEO Mark Zuckerberg concerning xAI's bid to purchase the ChatGPT-maker, including 'about potential financing arrangements or investments.' Meta objected to OpenAI's initial subpoena in July; the ChatGPT-maker's lawyers are now seeking a court order to obtain such evidence. OpenAI is also asking the court for any of Meta's documents and communications related to 'any actual or potential restructuring or recapitalization of OpenAI' — the core issue in Musk's lawsuit against OpenAI. In the background of OpenAI's fight with Elon Musk, Meta has significantly invested in its own efforts to develop frontier AI models. That effort has included poaching several of OpenAI's leading AI researchers, including a co-creator of ChatGPT, Shengjia Zhao, who now leads research efforts at Meta Superintelligence Labs, the company newest AI unit. Meta also invested $14 billion in Scale AI, and reported approached several other AI labs about acquisition deals. Lawyers representing Meta asked the court to reject OpenAI's request for evidence, arguing that Musk and xAI can provide any relevant information. Meta also argues that its internal discussions of OpenAI's restructuring and recapitalization are not relevant to the case. This is a developing story… Check back for updates.
