New ransomware-as-a-service caters to cybercriminals with commercial expansion

Image credit: Pixabay (Image credit: Pixabay)

New evidence suggests that the popular Play ransomware is now being rented out to cybercriminals.

Known as ransomware-as-a-service (RaaS), cybercriminals can pay to use the malware itself alongside the infrastructure needed to pull off an attack.This is a relatively new phenomenon and can provide a steady stream of revenue for malicious cyber gangs.

Security firm Adlumin has been tracking various attacks across multiple industries all leveraging the Play ransomware and found striking similarities between the attacks, suggesting it is being offered in the RaaS format. The similarities between separate attacks included copied passwords in the creation of high-privilege accounts and the same folders used for malware delivery.

Pay-per-Play

In a report, Adlumin stated, “The unusual lack of even small variations between attacks suggests that they are being carried out by affiliates who have purchased the ransomware-as-a-service (RaaS) and are following step-by-step instructions from playbooks delivered with it.

“When RaaS operators advertise ransomware kits that come with everything a hacker will need, including documentation, forums, technical support, and ransom negotiation support, script kiddies will be tempted to try their luck and put their skills to use.”

RaaS has been highlighted by multiple threat intelligence organisations as a growing sector within cybercriminal enterprise, as highly organized cyber gangs rent out their infrastructure, tactics, techniques and procedures to fledgling groups or individuals looking to make some money without the necessary investments in their own architecture.

In the wake of some ransomware attacks, cybercriminals have been known to leverage stolen data by threatening to sell/release it as a means of further extorting organizations and forcing them to pay. The US, alongside a number of other leading economies, recently signed a pledge to never pay a ransom to cybercriminals again.

Via The Hacker News

More from TechRadar Pro

The US government wants to offer better cybersecurity to major infrastructure firms
Keep yourself safe by taking a look at our rankings of the best endpoint protection software
Take a look at our list of the best Black Friday antivirus deals

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.

Latest

England's Marcus Smith lines up a kick in his team's November 2024 match against South Africa

England vs Japan live stream: how to watch 2024 rugby union Autumn International online

See more latest ►

Pay-per-Play

Are you a pro? Subscribe to our newsletter

More from TechRadar Pro

Most Popular