Hi Everyone
I run a small business (sole trader) using MoodleCloud.
This morning I received my first ransomware threat. After investigating, it looks like it is a fishing expedition, and there is no sign of access having been gained to my moodlecloud site (I checked activity logs, and the only activity is my own log in today)
It appears the ranomdouchebags have simply navigated to my sites "contact site support" area where you can fill out a form to contact the site administrator:
They have filled in the form with the threatening email. My initial reaction was laughter, as the threatening email is so poorly written. See below.
I guess I have two questions:
1) Has anyone else had this happen.
2) Does Moodlecloud log all admin activity? This is the best way I know to confirm if they have actually been in to my moodlecloud site, and cannot see any sign of any user activity (including under my name)