MosesStaff Locks Up Targets, with No Ransom Demand, No Decryption

A politically motivated group is paralyzing Israeli entities with no financial goal — and no intention of handing over decryption keys.

The MosesStaff hacking group is aiming politically motivated, destructive attacks at Israeli targets, looking to inflict the most damage possible, researchers warned.

Unlike other anti-Zionist hacktivists like the Pay2Key and BlackShadow gangs, which look to extort their victims and cause embarrassment, MosesStaff encrypts networks and steals information, with no intention of demanding a ransom or rectifying the damage. That’s according to Check Point Research (CPR), which began observing MosesStaff activity in September.

The group also maintains an active social-media presence, pushing provocative messages and videos across its channels, and making its intentions known.

“In the language of the attackers, their purpose is to ‘fight against the resistance and expose the crimes of the Zionists in the occupied territories,’” researchers explained in a Monday post. “There is no ransom demand and no decryption option; their motives are purely political.”

Known Vulnerabilities

MosesStaff (named after the Staff of Moses mentioned in the Book of Exodus, which was used to part the Red Sea for fleeing Israelites, among other things) is exploiting known vulnerabilities in Microsoft Exchange Server to

Read More: https://threatpost.com/mosesstaff-locks-targets-ransom-decryption/176366/