DOGE-Trolling Ransomware Hackers Demand $1 Trillion In Chilling Attack

In a bizarre and chilling attack, the same group of DOGE ransomware hackers behind the infamous Big Balls threat has just upped the ante with an outrageous demand of $1 trillion from their victims. The attackers have been trolling Elon Musk and DOGE mercilessly in their latest ransom note, leaving many to wonder if they're taking themselves too seriously.

The FOG malware family, which has compromised over 100 victims in its first three months, appears to have started this trolling spree. According to a recent FBI report, the FOG threat is one of the most reported new ransomware attacks during 2024, and it's considered a "most pervasive threat" to critical infrastructure.

The attackers' latest ransom note includes a ZIP file with a deceptive shortcut that executes a multi-stage PowerShell infection chain exploiting a known Windows vulnerability. The attack also employs political and conspiracy theory tactics within the ransomware scripts and code, including references to Kennedy's assassination and warnings about "snitching" on the attackers.

"Give me five bullet points on what you accomplished for work last week or you owe me a TRILLION dollars," reads one part of the updated ransom note, which has left many victims fearing for their jobs if they don't comply. The demand is clearly tongue-in-cheek, but experts warn that the threat itself should not be taken lightly.

"We are the ones who encrypted your data and also copied some of it to our internal resource," the attackers state in the ransom note. "The sooner you contact us, the sooner we can get everything resolved." However, the tone is far from serious, with a warning that says "Don't snitch now" and a humorous reference to grabbing victims' coordinates.

The Impact of FOG Malware

"FOG ransomware is a relatively new ransomware family that enterprises must add to their watchlist," warned Trend Micro security researchers in an April 21 security report. "The impact of a successful ransomware attack could still potentially cost enterprises financial loss and operational disruption, regardless of the DOGE references and trolling nature of the ransom note itself."

"We have observed that prior to dropping its payload, the malware investigated checks various indicators, such as processor count, RAM, MAC address, registry, and tick count, to detect a sandbox," confirmed the researchers. "If any of these security checks should fail, then FOG will exit the entire process."

Should You Take The DOGE Ransom Note Seriously?

As such, it's imperative that you do not think that just because the attackers might act like clowns, the threat itself isn't serious. The ransomware demand is all business, and the attackers are dead serious about getting their hands on your data.

"We have observed that prior to dropping its payload, the malware investigated checks various indicators, such as processor count, RAM, MAC address, registry, and tick count, to detect a sandbox," said Trend Micro. "If any of these security checks should fail, then FOG will exit the entire process."

Experts warn that the attackers' behavior may be an attempt at humor, but it's not to be ignored. The threat is real, and you should take it seriously if you're a victim.