raas


If the news about ransomware in recent weeks hasn’t gotten your attention, then maybe the fact that its threat magnitude has grown 35X over the past year will jolt you into a state of awareness. Further, ransomware isn’t a threat confined to just a few industries or geographical regions; it is a global problem facing organizations—and even individuals—of all shapes and sizes. The Magnitude of the Threat Upwards of 4,000 ransomware attacks happen daily, infecting between 30,000 and 50,000 devices each month. The financial... [Read More]
by RSS Jeannette Jarvis  |  Oct 05, 2017  |  Filed in: Industry Trends
Dot ransomware is a new Ransomware-as-a-service(RaaS) that is openly available in hacking forums. And following the current trend in malware services, it uses web portals hosted in the TOR network for anonymity. Commission-based Profit While lurking in hacking forums, we came across a post for this new ransomware service. RaaS services are now switching from a one-time fee or subscription payment model to a commission based strategy. One advantage of this scheme is that the up front price for the ransomware is free, and any profits realized... [Read More]
by RSS Rommel Joven  |  Mar 02, 2017  |  Filed in: Security Research
Given the popularity and success of ransomware, it is no surprise that malware authors have been developing more ransomware than ever before. Last year’s cost of ransomware attacks reached $1 billion, which not only shows how this affects businesses, but for cybercriminals the potential pay-out for cyber-extortion can be very lucrative. The rise of ransomware infections may also be attributed to the attractiveness growing availability of Ransomware-as-a-Service (Raas). Ransomware authors posts are now developing user-friendly... [Read More]
by RSS Rommel Joven  |  Feb 16, 2017  |  Filed in: Security Research
It’s been just less than a month since the Shark Ransomware was discovered, and there is already an upgrade from the same authors, along with a new Ransomware-as-a-Service (RaaS) website,a new name, and new features. While this site follows the standard RaaS business model being commonly used by other ransomware developers, it has a new twist.  Besides the usual offer to let users customize and build their own ransomware, Atom is being promoted as a “Ransomware Affiliate Program.” The twist is that it offers the soon-to-be... [Read More]
by RSS Rommel Joven  |  Sep 12, 2016  |  Filed in: Security Research
Earlier this month, a new ransomware-as-a-service (RaaS) from a group called “FAKBEN Team” emerged. In this post, we will talk about our findings on the ransomare binary that they sell on their website. Our analysis indicates that the encryption routine used by FAKBEN Team was grabbed from the open source Hidden Tear ransomware. The representative sample that we used has the MD5 c952a88edc0766adf819b30cd2683ac7. The malware was developed and compiled using Microsoft Visual C# .NET. Persistence The malware creates an autorun... [Read More]
by RSS Roland Dela Paz  |  Nov 25, 2015  |  Filed in: Security Research
Previously, we talked about a new ransomware-as-a-service called Encryptor RaaS. Encryptor RaaS is a GNU Compiler for Java (GCJ) compiled ransomware that is available to anyone who wishes to be a spreading affiliate. The author then takes 20% commission for each ransom paid by an infected victim. While monitoring, we noticed some updates on its website. In particular, the new version of the ransomware dated November 13, 2015, caught our attention so we decided to take a look. Currently, the website looks as follows: Figure 1. Updated... [Read More]
by RSS Roland Dela Paz  |  Nov 17, 2015  |  Filed in: Security Research
Fortinet recently encountered a new Ransomware-as-a-Service (RaaS) advertisement called “Encryptor RaaS”. The service is advertised on an onion-based domain via Tor2Web service and Fortinet detects the associated ransomware as W32/Cryptolocker.ABD9!tr.  Interestingly, the seller explicitly calls its website “Ransomware as a Service”, an AV industry language, where the advertised business model closely resembles the recently discovered “Tox” RaaS. The seller earns a 20% commission per infected user who... [Read More]
by RSS Roland Dela Paz  |  Jul 29, 2015  |  Filed in: Security Research