Ransomware is an increasingly serious concern, and the problem is getting worse over time. Initially, this malware compromised fixed targets such as individuals, but the focus has since changed and become much broader, from individuals to organizations. Hospitals, for instance, have come under attack by cyber attackers who carried out malicious campaigns to extort money.
In a few words, ransomware is a type of malware that restricts access to data stored on a computer or system and demands that users pay a ransom to remove that restriction. With the rise of the Ransomware-as-a-Service (RaaS) model, cyber attackers have an easy way to launch a cyber-extortion business with virtually no technical expertise required. RaaS platforms have emerged on the Dark Web, and they are likely one of the primary drivers behind the huge spike in ransomware attacks over the last year.
Nowadays, the main targets of ransomware attacks are organizations, as many of them end up paying the ransom to cyber attackers to avoid the negative reputational consequences that arise from failing to protect their sensitive information.
RaaS has already left its mark on the complex landscape of digital threats by operating on the same principles that govern cloud services, which satisfy business needs for online services. Hence, it is no surprise that cybercriminals went even further and contrived an affiliate ransomware distribution scheme.
This scheme gained major traction in 2015. RaaS began to be distributed via toolkits allowing cybercriminals to distribute ransomware by paying another cybercriminal for access to the code. With this piece of software, anyone can become a cybercriminal, even those who aren’t very technologically skilled.
Tox, for instance, is the first occurrence of RaaS detected and discovered since early 2015. The ransomware-construction kit was available online for free on the Dark Web since (Read more...)
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Pedro Tavares. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/Llpdbh2qT14/