Menu
This week, a new ransomware operation, dubbed MalasLocker by BleepingComputer, has been observed which is targeting Zimbra servers to steal emails and encrypt files since the end of March 2023. Although instead of demanding a ransom payment, the threat actors claim to require a donation to charity to provide an encryptor and prevent data leaking.
“Unlike traditional ransomware groups, we’re not asking you to send us money. We just dislike corporations and economic inequality,” – the MalasLocker ransom note.
On analysis of the ransom note, the note does not contain a link to the ransomware gang’s data leak site. However, the Emsisoft threat analyst Brett Callow found a link to their data leak site which currently displays the stolen data for three companies and the Zimbra configuration for 169 other victims.
NCSC Threat Reports Feed© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.
