Ransom! momenta.cn (JUL-2026)

Ransom! momenta.cn (JUL-2026)
Dragonforce ransomware targeted momenta.cn in China, stealing all source code, financial documents, configuration files, employee databases, and more before encrypting servers and workstations. Momenta is allegedly trying to conceal the impact from Chinese regulators, the HKEX commission, and investors while reporting a $751M IPO profit, potentially amounting to one of the largest financial frauds in Chinese history. #China

Incident Details

  • Victim: momenta.cn
  • Sector: Technology
  • Country: CN
  • Actor: dragonforce
  • Source: http://z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion/blog/?post_uuid=3880d2b3-a7c4-473b-9407-bc9147cd9b63
  • Discovered: 2026-07-14T00:24:00.121028+00:00
  • Published: 2026-07-14T00:04:24.878950+00:00

Information

  • Momenta, an AI and autonomous-driving company, was targeted by DragonForce.
  • All source code, financial documents, configuration files, employee database, and more were stolen.
  • Servers and workstations were encrypted.
  • Momenta is allegedly trying to hide the incident from Chinese regulators, the HKEX commission, and investors while reporting a $751M profit from its recent IPO.
  • With a $9B+ market capitalization, this has been described as one of the largest financial frauds in Chinese history.

Disclaimer: This post is based on public claims made by the ransomware group "dragonforce". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.

monitored by: ransomware.live