RaaS

Pierluigi Paganini July 03, 2020
Sodinokibi Ransomware Operators hit electrical energy company Light S.A.

Sodinokibi ransomware (aka REvil) operators are demanding a $14 million ransom from Brazilian-based electrical energy company Light S.A. Sodinokibi ransomware (aka REvil) operators have breached the Brazilian-based electrical energy company Light S.A. and are demanding a $14 million ransom. The company issued comments to a local newspaper confirming the attack, Light S.A. admitted the intrusion to […]

Pierluigi Paganini November 12, 2019
Buran ransomware-as-a-service continues to improve

The recently discovered ransomware-as-a-service (RaaS) Buran attempts to gain popularity by offering discounted licenses. In May, researchers from McAfee’s Advanced Threat Research Team discovered a new piece of ransomware named ‘Buran.’ Buran is offered as a RaaS model, but unlike other ransomware families such as REVil, GandCrab the authors take 25% of the income earned […]

Pierluigi Paganini July 19, 2019
Dutch police arrested the author of Dryad and Rubella Macro Builders

Dutch authorities announced the arrest of a 20-year old man for allegedly developing Dryad and Rubella Macro Builders. Dutch authorities announced have arrested a 20-year old man that is accused to be the author of Dryad and Rubella Macro Builders. The man lives in Utrecht, it created and distributed Rubella, Cetan and Dryad toolkits. “Recently […]

Pierluigi Paganini June 17, 2019
A free Decryptor tool for GandCrab Ransomware released

Good news for the victims of the latest variants of the GandCrab ransomware, NoMoreRansomware released a free decryption tool. Victims of the latest variants of the GandCrab ransomware can now decrypt their files for free using a free decryptor tool released on the the NoMoreRansom website. The tool works with versions 5 to 5.2 of the ransomware, […]

Pierluigi Paganini November 04, 2018
Kraken ransomware 2.0 is available through the RaaS model

The author of the infamous Kraken ransomware has released a new version of the malicious code and launched a RaaS distribution program on the Dark Web. Researchers from Recorded Future’s Insikt Group and McAfee’s Advanced Threat Research team have discovered a new version of the malware that is offered through a RaaS distribution program on the Dark Web. […]

Pierluigi Paganini April 18, 2018
ZLAB MALWARE ANALYSIS REPORT: RANSOMWARE-AS-A-SERVICE PLATFORMS

Security experts at CSE CybSec ZLab malware Lab have conducted an interesting analysis of the principal Ransomware-as-a-Service platforms available on the dark web. Over the years, the diffusion of darknets has created new illegal business models. Along with classic illegal goods such as drugs and payment card data, other services appeared in the criminal underground, […]

Pierluigi Paganini March 01, 2018
Victims of the GandCrab ransomware can decrypt their files for free using the decryptor

The GandCrab ransomware decryptor has been released by the Romanian Police (IGPR) under the supervision of the General Prosecutor’s Office (DIICOT) and in collaboration with the internet security company Bitdefender and Europol. Bitdefender has teamed up with Europol, the Romanian Police, and the Directorate for Investigating Organized Crime and Terrorism (DIICOT) to release a free […]

Pierluigi Paganini February 26, 2018
Data Keeper Ransomware – An unusual and complex Ransom-as-a-Service platform

The Data Keeper Ransomware that infected systems in the wild was generated by a new Ransomware-as-a-Service (RaaS) service that appeared in the underground recently. A few days ago a new Ransomware-as-a-Service (RaaS) service appeared in the underground, now samples of the malware, dubbed Data Keeper Ransomware, generated with the platforms are have already been spotted in […]

Pierluigi Paganini February 04, 2018
GandCrab, a new ransomware-as-a-service emerges from Russian crime underground

Experts at cyber security firm LMNTRIX have discovered a new ransomware-as-a-service dubbed GandCrab. advertised in Russian hacking community on the dark web. Experts at cyber security firm LMNTRIX have discovered a new ransomware-as-a-service in the dark web dubbed GandCrab. The GandCrab was advertised in Russian hacking community, researchers noticed that authors leverage the RIG and GrandSoft exploit kits to distribute the malware. “Over […]

Pierluigi Paganini August 25, 2017
Mobile Trojan Development Kits allow creating ransomware without the need to write code

Researchers at Symantec have discovered Trojan Development Kits that allow creating Android ransomware without the need to write code. Ransomware continues to represent a serious threat to users and organizations. Unfortunately, it is easy for crooks arranging their own ransomware campaign by using numerous RaaS services offered online. Recently researchers at Symantec discovered a new […]