- The new fog ransomware is asking victims to justify their jobs
- FOG has been responsible for 173 attacks since June 2024
- The payload is initially delivered by email/phishing
A new ransomware attack seems to be channeling Elon Musk’s energy by demanding that workers share a summary of their weekly achievements, just like Tesla CEO has demanded as part of its Dux efforts.
The note refers to the controversial memorandum of ‘five bullet points’ of Musk, asking the victims to justify their works or cough $ 1 billion.
Musk’s original policy was issued under the Trump administration and intended to boost responsibility in federal departments. He quickly faced a violent reaction and then became optional, however, he is now feeding the last round of scams according to a new Trend Micro report.
Fog ransomware inspired by Musk’s impulse for responsibility
Trendmicro found nine ransomware samples between March 27 and April 2, which has attributed to fog ransomware.
“They left a note containing key names related to the government efficiency department (Doge),” says the report, which highlights Doge’s position in the holders.
The recent appointment report PakGazette The dissemination of a Dux Technologist had previously participated in providing support to a cyber crimes gang linked to stolen traffic data and cybersalication of an FBI agent.
The fog ransomware has been linked to 173 ransomware activity counts since June 2024 and 53 only in February 2025. The people and organizations of the technology, education, manufacturing and transport sectors are at risk.
In the case of the current attack inspired by Doge, the malware is delivered by email or a phishing attempt using a ZIP file called ‘Payment Adjustment’, which contains an LNK file disguised as PDF. When clicking on the file, run a Powershell script that recovers useful ransomware loads and reproduces YouTube political videos.
Although there are basic cybersecurity hygiene steps that users can take to prevent attacks, such as clicking on suspicious links, social engineering continues to be of most exploited attack vectors and humans are the weakest point of the cybersecurity strategy of any company, so the trend micro also recommends companies to monitor compromise indicators.
