Ransomware hackers demand victims justify their jobs, or pay up

This new ransomware attack is asking victims to list five bullet points from their working week, like Musk did recently.

Apr 23, 2025 - 11:57

  • New FOG ransomware is asking victims to justify their jobs
  • FOG has been responsible for 173 attacks since June 2024
  • The payload is initially delivered by email/phishing

A new ransomware attack appears to be channelling Elon Musk’s energy by demanding that workers share a recap of their weekly accomplishments, much like the Tesla CEO has demanded as part of his DOGE efforts.

The note references Musk’s controversial ‘five bullet points’ memo, asking victims to justify their jobs or cough up $1 trillion.

The original Musk policy was issued under Trump’s administration and was intended to drive accountability in federal departments. It quickly faced backlash and later became optional; however, according to a new Trend Micro report, it is now fuelling the latest round of scams.

FOG ransomware inspired by Musk’s push for accountability

Trend Micro found nine ransomware samples between March 27 and April 2, which it has attributed to FOG ransomware.

They “dropped a note containing key names related to the Department of Government Efficiency (DOGE),” says the report, which highlights DOGE’s position in the headlines.

The report cites recent Reuters reporting disclosing that a DOGE technologist had previously been involved in providing support to a cybercrime gang linked to trafficking stolen data and cyberstalking an FBI agent.

FOG ransomware has been tied to 173 counts of ransomware activity since June 2024, and 53 in February 2025 alone. Individuals and organizations from the technology, education, manufacturing and transportation sectors are mostly at risk.

In the case of the current DOGE-inspired attack, malware is delivered via email or a phishing attempt using a ZIP file named ‘Pay Adjustment’, which contains a LNK file disguised as a PDF. Clicking the file runs a PowerShell script which retrieves ransomware payloads and plays political YouTube videos.
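As an added example (not taken from the Trend Micro report or the original article), the following sketch shows an attachment check a mail gateway or triage script could apply to the delivery pattern described above: a ZIP that carries a Windows shortcut dressed up as a document. The function names, the decoy-extension list and the archive member name are assumptions made for illustration, and the sample archive is constructed and inert.

```python
import io
import zipfile

# Shell Link header: HeaderSize 0x4C followed by the LinkCLSID (per MS-SHLLINK).
LNK_MAGIC = bytes.fromhex("4c0000000114020000000000c000000000000046")
# Assumption: document-like extensions a lure might imitate; tune per environment.
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg", ".png"}

def find_disguised_shortcuts(zip_bytes):
    """Return (member_name, reason) for every shortcut file found in a ZIP."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            lower = info.filename.lower().rstrip(". ")
            # Encrypted members cannot be read without a password: name check only.
            head = b""
            if not info.flag_bits & 0x1:
                with zf.open(info) as fh:
                    head = fh.read(len(LNK_MAGIC))
            by_ext = lower.endswith(".lnk")
            by_magic = head == LNK_MAGIC
            if not (by_ext or by_magic):
                continue
            stem = lower[:-4] if by_ext else lower
            inner_ext = "." + stem.rsplit(".", 1)[-1] if "." in stem else ""
            if by_ext and inner_ext in DECOY_EXTS:
                reason = "document-style name ending in .lnk"
            elif by_magic and not by_ext:
                reason = "shortcut header under a non-.lnk name"
            else:
                reason = "shortcut file inside archive"
            findings.append((info.filename, reason))
    return findings

def build_sample_zip():
    """Constructed, inert sample shaped like the lure: header bytes plus padding."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Pay Adjustment.pdf.lnk", LNK_MAGIC + b"\x00" * 56)  # constructed name
        zf.writestr("readme.txt", b"constructed test data")
    return buf.getvalue()

if __name__ == "__main__":
    for name, reason in find_disguised_shortcuts(build_sample_zip()):
        print(f"FLAG {name}: {reason}")
```

Checking the header bytes as well as the extension catches a shortcut that has been renamed, and Windows hides the `.lnk` extension in Explorer, which is why the double-extension case looks like a plain PDF to the recipient.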

Although there are basic cybersecurity hygiene steps users can take to prevent attacks, such as not clicking on suspicious links, social engineering continues to be the most exploited attack vector, and humans are the weakest point of any company’s cybersecurity strategy. That is why Trend Micro also recommends that companies monitor indicators of compromise.
