%20(1).webp?w=1600&resize=1600,900&ssl=1)
The notorious FOG ransomware group has made headlines once again by leaking the source code of three new victims on their dark web portal.
The victims, all based in France, include Omydoo, Ayomi.fr, and ADULLACT, marking a significant escalation in their cyber extortion campaign.
Details of the Breach
According to the post from FalconFeeds.io, the FOG ransomware group is known for its sophisticated and aggressive tactics.
Their modus operandi often involves gaining initial access through brute force attacks on remote desktop protocols (RDP) or compromised VPN credentials.
Once inside, they encrypt files and exfiltrate sensitive data using tools like MEGAsync and Filezilla, employing double extortion tactics to pressure victims into paying the ransom.
In this latest attack, the leaked data of the three French organizations was posted on FOG’s dark web portal, known as “The Fog Blog.”
This platform serves as a hub for publishing stolen data when victims refuse to meet ransom demands.
The group’s actions underscore their continued focus on high-value targets, with ransom demands averaging $220,000 per attack.
FOG ransomware’s technical sophistication is evident in its ability to evade detection.
The malware disables Windows Defender, deletes system backups, and appends unique extensions like .fog or .flocked to encrypted files.
Additionally, it creates ransom notes named “readme.txt,” which direct victims to a TOR-based negotiation site.
Victim Profiles: Omydoo, Ayomi.fr, and ADULLACT
The three affected organizations represent diverse sectors within France:
- Omydoo: A company specializing in digital solutions.
- Ayomi.fr: A platform focused on financial services.
- ADULLACT: An association supporting open-source software development for public administrations.
The impact of these breaches could be severe, both operationally and reputationally.
Victims of ransomware attacks often face prolonged downtime, loss of sensitive data, and significant financial costs.
Moreover, the public exposure of stolen data can lead to legal liabilities and erode trust among stakeholders.
A Growing Threat Landscape
FOG ransomware has rapidly gained notoriety since its emergence in 2024.
Cybersecurity experts have noted its alarming speed; in some cases, it takes only two hours from initial access to file encryption.
The group’s use of double extortion tactics—encrypting data while threatening to leak it—has become a hallmark strategy among modern ransomware operators.
This incident highlights the growing threat posed by ransomware groups targeting organizations with inadequate defenses.
Experts recommend robust cybersecurity measures such as endpoint detection systems, regular backups stored offline, and employee training to mitigate risks.
Advanced solutions like AI-driven threat detection systems have also proven effective in identifying and neutralizing threats before they escalate.
As ransomware attacks continue to evolve in complexity and scale, organizations must remain vigilant to protect against these malicious actors.
The latest attack by the FOG ransomware group serves as a stark reminder of the critical need for proactive cybersecurity measures in today’s digital landscape.
Also Read:
%20(1).webp?w=1200&resize=1200,0&ssl=1&description=The%20victims,%20all%20based%20in%20France,%20include%20Omydoo,%20Ayomi.fr,%20and%20ADULLACT,%20marking%20a%20significant%20escalation%20in%20their%20cyber%20extortion%20campaign.){kind=link}