Ransomware Intelligence

moneymessage Ransomware Group

Ransomware group profile

5Victims
61Impact score

Description

MoneyMessage is a ransomware group that emerged in March 2023, focusing on financial gain through sophisticated cyber attacks. They use double extortion tactics, encrypting data while threatening to leak sensitive information to pressure victims into compliance. Their operations have impacted high-profile organizations across various sectors worldwide.

Key insights

  • Employs double extortion tactics, encrypting data and threatening to leak it.
  • Gains initial access via targeted phishing and social engineering attacks.
  • Utilizes unique ransomware that encrypts files without changing their names.
  • Targets both Windows and Linux operating systems, including VMware ESXi servers.
  • Deletes Volume Shadow Copies to evade detection during attacks.
  • Maintains a dark web site for extortion and data leak threats.

Threat Level & Status Breakdown

For moneymessage · Based on incidents in selected period

1.4threat level
Aggressiveness1.3/ 10
Lethality0/ 10
Criticality3.3/ 10

Status Breakdown

Claimed100.0%5
First seenAug 2025
Last seenJul 2026
Avg ransom
Payment rate
Statusactive
Sophistication0
Last updatedJul 15, 2026

Recent activity

Monthly attack count for moneymessage in the selected period

5Total attacks
2peak in Jul
1.3avg / month
↑ 1 vs first month
AugJanMayJul00.511.52

Intelligence

IOCs, YARA/Sigma rules, and related families for moneymessage

  1. f0e2d4c7a6b9d8e0f1e3c5a7b9d1e0f2d4e723f156104c997b5e43a6d71b56a3
  2. a2b1c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a1b2
View full IOC feed2 total

TTPs & Attack Vectors

Tools, initial access, and MITRE ATT&CK techniques for moneymessage

Other

T1486

T1486

T1490

T1490

T1021

T1021

T1562

T1562

T1080

T1080

T1078

T1078

T1547

T1547

T1059

T1059

T1021.001

T1021.001

T1112

T1112

T1027

T1027

T1136

T1136

Victims(5)

CompanyDomainCountryIndustryStatusDiscovered
Envision Unlimitedenvisionunlimited.orgUS United StatesHealthcare
Claimed
7 days ago
X-Copper Professionalxcopper.comCA CanadaManufacturing
Claimed
14 days ago
Forestdaleforestdaleinc.orgGB United KingdomProfessional Services
Claimed
2 months ago
Family Partnerships of Central Floridafpocf.orgUS United StatesManufacturing
Claimed
6 months ago
Bucks County Opportunity Council, INC.bcoc.orgUS United StatesManufacturing
Claimed
12 months ago