"MalasLocker Ransomware Targets Zimbra Servers, Demands Charity Donation"

A new ransomware operation is attempting to infiltrate Zimbra servers in order to steal emails and encrypt files. Instead of a ransom payment, the threat actors demand a charity donation to provide an encryptor and not leak data. The MalasLocker ransomware attack began encrypting Zimbra servers near the end of March 2023, with victims reporting in forums that their emails were encrypted. MalasLocker's data leak site is currently distributing stolen data belonging to three companies as well as the Zimbra configuration for 169 other victims. The operation's ransom demand is quite unusual, putting it more in the realm of hacktivism. However, researchers have yet to confirm whether the threat actors keep their word when a victim donates money to a charity to get a decryptor. This article continues to discuss the MalasLocker ransomware operation and its unusual ransom demand.

Bleeping Computer reports "MalasLocker Ransomware Targets Zimbra Servers, Demands Charity Donation"