Moisha Ransomware spotted launching highly targeted attacks

Threat Advisories

Moisha Ransomware spotted launching highly targeted attacks

Threat Level
Attack Report

For a detailed threat advisory, download the pdf file here

Summary

Moisha ransomware based on .Net was first mentioned in mid-August, along with the PT_MOISHA team, the threat actor behind it. This ransomware was developed to carry out very targeted attacks, as indicated by its ransom note. The threat actor uses double-extortion techniques to encrypt and exfiltrate victim data.