Money Message attacks MD Logistics

Incident Date: Oct 03, 2023

Attack Overview
VICTIM
MD Logistics
INDUSTRY
Transportation
LOCATION
USA
ATTACKER
Money Message
FIRST REPORTED
October 3, 2023

The Money Message Ransomware Gang Attacks MD Logistics

MD Logistics, Inc. is a third-party logistics (3PL) company that specializes in supply chain management and distribution services. Money Message posted MD Logistics to its data leak site on October 3rd but provided no further details.

What is Money Message?

Money Message is a form of ransomware that employs encryption to lock files and leaves behind a ransom note named "money_message.log." Distinguishing itself from the majority of ransomware variants, Money Message refrains from altering file names by not appending its extension to them. It is typically employed by cybercriminals to coerce victims into making monetary payments.

How Does It Work?

Within the ransom note, victims are apprised that their files have been encrypted and are presently inaccessible without a decryption tool. The decryption tool, crucial for file retrieval, is made available upon payment of a ransom. Caution is advised against independent decryption attempts, as such actions could result in permanent file damage.

Included in the ransom note is a hyperlink to facilitate further communication and the ransom payment, conducted via the Tor browser for added anonymity. The note also carries a warning of impending online exposure of the encrypted files, such as posting them on a blog, should the ransom payment remain outstanding.

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.