MosesStaff attacks organizations with encryption malware: No payment demand made

The MosesStaff hacking group has entered the ‘ransomware’ fray with a difference: blackmail payments are furthest from their minds.

ZDNet Recommends

On November 15, Check Point Research (CPR) said the group began targeting organizations in Israel during September this year, joining campaigns launched by Pay2Key and BlackShadow

The focus of these operations was to deploy ransomware on their victim’s systems, cause damage, and steal valuable information destined for future public leaks. 

Ransomware operators, including Maze, Conti, and LockBit, to name but a few, have adopted double-extortion tactics through the launch of dedicated data leak websites on the Dark Web. 

During an assault, these groups will steal valuable corporate information ahead of the encryption of a victim’s systems. If they refuse to pay up, these organizations are then faced with the threat of this data being leaked to the public or sold. 

However, MosesStaff is open about its intentions: the attacks are political. No ransom demand is made — the only purpose is to steal information and to cause damage. 

“In the language of the attackers, their purpose is to “Fight against the resistance and expose the crimes of the Zionists in the occupied territories,” CPR says.

Read More: