Skip to content
Get A Demo
Free SIEM
    April 1, 2021

    OnlyDoge Ransomware Forces Organizations to Tighten Security Leashes

    While investigating several recent ransomware attacks, the Blumira security research team discovered a new variant of ransomware that will only accept Dogecoin as payment. We’ve named the ransomware variant OnlyDoge for this reason. 

    This dangerous variant furiously sniffs packets in an attempt to obtain Doge cookies and gain access to sensitive data. This makes it difficult to detect and remediate as it spreads like wildfire. Unlike other adversaries that gain access via a backdoor, OnlyDoge infiltrates systems via a Dogedoor.

    “OnlyDoge is one of the most destructive ransomware variants we’ve seen. The combination of automating remote code execution and requiring Doge as ransomware payment has increased its effectiveness,” said Matt Warner, CTO of Blumira. “It’s hard for anyone to take this threat seriously because … well, it’s Doge.”

    OnlyDoge victims are forced to pay the Doge ransom because they have no alternative to recover. However, organizations are unsure of how to acquire Dogecoin because it’s not available on common cryptocurrency exchanges such as Coinbase. Security analysts also face criticism from their kids about Doge being just a funny meme. 

    OnlyDoge
    Victims of an OnlyDoge attack will see this image fill the screen.

    OnlyDoge is putting stress on security programs that we haven’t seen before. Every organization should consider HODLing Dogecoin as a response to the outbreak.

    The new breed of OnlyDoge ransomware is spreading fast and there are rumors that new variants will pop up and accept other forms of payment such as NFTs, UniSocks and PancakeSwap.

    Doges are spending their Dogecoin on expensive supercars, like the one pictured here.

    We noticed that this variant spun up shortly after Elon Musk started tweeting about his passion for Doge and suspect that it might have served as the adversary’s inspiration for building this new ransomware variant.

    Unlike other ransomware variants, OnlyDoge exists only in the wild imaginations of Blumira employees and is therefore impossible to replicate. After April Fool’s Day, the attack will be only a doggone memory.

    Patrick Garrity

    Patrick has years of experience in the security industry building and scaling usable security products. He currently leads Blumira’s product, sales and marketing teams. Prior to joining Blumira, he led sales engineering, product marketing and international expansion for Duo Security.

    More from the blog

    View All Posts