ransomware-as-a-service

Pierluigi Paganini April 25, 2022
BlackCat Ransomware gang breached over 60 orgs worldwide

At least 60 entities worldwide have been breached by BlackCat ransomware, warns a flash report published by the U.S. FBI. The U.S. Federal Bureau of Investigation (FBI) published a flash report that states that at least 60 entities worldwide have been breached by BlackCat ransomware (aka ALPHV and Noberus) since it started its operations in November. […]

Pierluigi Paganini February 12, 2022
CISA, FBI, NSA warn of the increased globalized threat of ransomware

CISA, FBI and NSA published a joint advisory warning of ransomware attacks targeting critical infrastructure organizations. Cybersecurity agencies from the U.K., the U.S. and Australia have published a joint advisory warning of an increased globalised threat of ransomware worldwide in 2021. Almost any sector was hit by sophisticated, high-impact ransomware attacks, including the Defense Industrial […]

Pierluigi Paganini November 26, 2021
Marine services provider Swire Pacific Offshore (SPO) hit by Clop ransomware

Marine services provider Swire Pacific Offshore (SPO) has suffered a Clop ransomware attack that resulted in the theft of company data. Clop ransomware hit Marine services provider Swire Pacific Offshore (SPO) and stole company data, but did not affected global operations. “Swire Pacific Offshore (SPO) has discovered that it was the target of a cyberattack […]

Pierluigi Paganini January 30, 2021
Victims of FonixCrypter ransomware could decrypt their files for free

FonixCrypter ransomware operators shut down their operations, released the master decryption key for free, and deleted malware’s source code. Good news for the victims of the FonixCrypter ransomware, the operators behind the threat shut down their operations and released the master decryption key. The FonixCrypter gang also closed its Telegram channel that was used to […]

Pierluigi Paganini January 27, 2021
Law enforcement announced global action against NetWalker Ransomware

A joint operation of U.S. and EU law enforcement authorities allowed the seizure of the leak sites used by NetWalker ransomware operators. Law enforcement authorities in the U.S. and Europe have seized the dark web sites used by NetWalker ransomware operators. The authorities also charged a Canadian national involved in the NetWalker ransomware operations. “The […]

Pierluigi Paganini September 28, 2020
REvil ransomware operators are recruiting new affiliates

REvil Ransomware (Sodinokibi) operators deposited $1 million in Bitcoins on a Russian-speaking hacker forum to demonstrate their willingness to involve new affiliates. The REvil Ransomware (Sodinokibi) operators have deposited $1 million in bitcoins on a Russian-speaking hacker forum to prove to potential affiliates that they mean business. Some hacker forum allows members to deposit funds that can […]

Pierluigi Paganini August 03, 2020
Belarussian authorities arrested GandCrab ransomware distributor

Last week, the Minister of Internal Affairs of Belarus announced the arrest of a 31-year-old man that is accused of distributing the infamous GandCrab ransomware. Last week, the Minister of Internal Affairs of Belarus announced the arrest of a man on charges of distributing the infamous GandCrab ransomware. The arrest is the result of an […]

Pierluigi Paganini April 18, 2018
ZLAB MALWARE ANALYSIS REPORT: RANSOMWARE-AS-A-SERVICE PLATFORMS

Security experts at CSE CybSec ZLab malware Lab have conducted an interesting analysis of the principal Ransomware-as-a-Service platforms available on the dark web. Over the years, the diffusion of darknets has created new illegal business models. Along with classic illegal goods such as drugs and payment card data, other services appeared in the criminal underground, […]

Pierluigi Paganini February 26, 2018
Data Keeper Ransomware – An unusual and complex Ransom-as-a-Service platform

The Data Keeper Ransomware that infected systems in the wild was generated by a new Ransomware-as-a-Service (RaaS) service that appeared in the underground recently. A few days ago a new Ransomware-as-a-Service (RaaS) service appeared in the underground, now samples of the malware, dubbed Data Keeper Ransomware, generated with the platforms are have already been spotted in […]

Pierluigi Paganini February 04, 2018
GandCrab, a new ransomware-as-a-service emerges from Russian crime underground

Experts at cyber security firm LMNTRIX have discovered a new ransomware-as-a-service dubbed GandCrab. advertised in Russian hacking community on the dark web. Experts at cyber security firm LMNTRIX have discovered a new ransomware-as-a-service in the dark web dubbed GandCrab. The GandCrab was advertised in Russian hacking community, researchers noticed that authors leverage the RIG and GrandSoft exploit kits to distribute the malware. “Over […]