Under attack?
Close

Get in Touch

Contact us to learn more about our elite cybersecurity services and industry-leading technologies.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Close
Breachquest

Emergency Incident Assistance

Is your network under attack? Get in touch with a
BreachQuest Specialist right away with this form.

You can also reach us by calling our 24/7 hotline.

+1 888 409 5811

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

You can also reach us by calling our 24/7 hotline.

+1 888 409 5811
Contact for non-emergency Contact for non-emergency

0mega

A new ransomware group in the spotlight, potentially launching around May 2022 already claiming multiple victims, with very little information on how their encryption and code work. No samples have been found in public yet. The group works using a double extortion technique, demanding money as ransom. If the demanded ransom is not paid, 0mega maintains a dedicated data leak site (“DLS”) to post the victim’s stolen data. During encryption, the “.0mega” extension is added to now encrypted files. Victims will receive a customized ransom note with their name, company info, and what type of data was stolen. Victims are then required to upload a copy of their customized note to the DLS with a unique ID (Base64) that identifies the victim to the threat actor.  The groups DLS has a few victims already posted, as it is still a new ransomware operation.

Go Back Go to Glossary index
Share this article:

Sign up for our newsletter to get more industry news and insights.

Related Resources

RedAlert, LILITH, and 0mega, 3 new ransomware in the wild

Learn more