[WARNING] Ransomware-as-a-Service: Commoditizing ransomware

Were you aware of it?

  • Yes: 9 votes (69.2%)
  • No: 4 votes (30.8%)
  • Total voters: 13

Umbra

"One of the most profound changes in the modern business landscape has been the gradual shift to the Subscription Economy. In years gone by, you handed over your hard-earned money and in return received a product or service that was yours to keep. Now, both companies and consumers are ditching the traditional pay-per-product approach in favor of the as-a-service model – an arrangement that offers greater flexibility for consumers and more predictable, stable income for businesses. In most cases, it’s a better all-round experience for everyone involved.

Sadly, it’s not just Netflix and Spotify that have adopted this way of offering their services. In the dark recesses of the digital underworld, malware authors hawk ransomware subscriptions that are swiftly snapped up by buyers with unscrupulous motives. A relatively recent phenomenon, Ransomware as a Service (RaaS) allows anyone with an internet connection – regardless of their technical literacy – to purchase powerful ransomware via the Dark Web and carry out devastating encryption attacks against the targets of their choice. [...]"

Read more here

What do you think about this scheme?
 
Malware in general had gone to that years ago. Used to be just the developers that carried out the attacks. Quite a few years ago malware went to the market too...developers put their products up for sale, and bad guys without the coding skills purchase the malware "kits".
 
The Rig Exploit Kit could be had for as little as $500,000 US but came with 24/7 support and a guaranteed $20,000 per month for 12 months or your money back!
Angler, Crimepack, Eleonore, Neosploit and Phoenix as well as Blackhole are all Exploit Kits-as-a-service. For about US$500 p/m they all offer support as well.
Of course, these are all under a much larger umbrella in "Crimeware-as-a-service."
 
I describe some of this to clients in terms of who we're trying to protect them against.

Once upon a time it was pimply-faced geeks with poor social skills trying to show off for each other. That's where you got things like obviously juvenile website defacements, "bouncing ball" viruses, etc. Then people started to get into it for money not "street cred." A lot of the early people doing it for money were still the same pimply-faced geeks or were hiring those geeks, so you still saw a lot of unprofessional stuff but with a money motive attached. This is when you started getting malware that popped up ads on your screen. As things have moved on from that, you get more and more professional and often highly-skilled developers creating and running software like this as a living and sometimes making a lot of money at it. This is the modern environment where now you have both people writing the (usually) ransomware and deploying it themselves and separately people writing malware "kits" and selling those. A lot of spam (particularly drug spam) also falls into this area, though it's attempting to get you to purchase things instead of attempting to breach your system - unless it's doing both. Along with those you have people using this environment for targeted activities - corporate espionage, targeted extraction of data to be used for financial crimes (healthcare, banking and Equifax hacks along with credit card fraud), political activities (e.g. the DNC hack being actively worked on during 9-5 office hours, Moscow time).

Basically, the mental image of a pimply kid in the basement hacking because he doesn't know any better is long gone - now it's being done in many cases by highly-skilled professionals who are doing it as a career, so take it seriously.
 
now it's being done in many cases by highly-skilled professionals who are doing it as a career, so take it seriously.

Same geeks are responsible for the good kits, their way of showing off and obtaining respect for their work. The ransomware stuff, however, is a different story. I mean, if you want to call them professional because they aren't doing anything to show off (well, for the most part) and focusing on income, then I understand, but highly-skilled is a stretch.
 
You have to differentiate things:

1- Red teams/pentesters: professionals who have the skills to find vulnerabilities and develop tools to abuse them, then report their findings.
2- Hackers: like n°1 but using, distributing and selling the tools instead of reporting them, for their own benefit. Some may be state-sponsored (NSA, CIA, employees).
3- Skiddies (Script Kiddies): people with limited skills who use/buy from n°2, more to have fun or for some fame.
4- The Mafias and some rogue nations (North Korea): buy from n°2 or hire them just to make money or get intel.

Generally, 1 and 2 may have started as 3 and then become really skilled.
 