Thank you for your interest in Obsidian! Please enter your information in the form and we will contact you shortly to schedule a demo.
A number of ransomware gangs have stopped using malware to encrypt targets’ files and have switched to a data theft/extortion approach to get paid; 0mega – a low-profile and seemingly not very active threat actor – seems to be among them.
0mega (spelled with a zero) is a relative newcomer to the ransomware/extortion business.
Evidence of its activities were first spotted roughly a year ago, when one victim – a UK-based electronics repair and refurbishment company – apparently refused to pay and the gang leaked company data on its dedicated leak site.
The gang used ransomware that added the “.0mega” extension to encrypted files, but a sample of the malware hasn’t been found.
Since then, stolen data of two additional victims has been leaked.
Of course, the fact that the leak site only lists a few victims does not mean there haven’t been many others. One victim organization’s data was leaked and then removed, according to Lawrence Abrams.