New ransomware-as-a-service caters to cybercriminals with commercial expansion

Image credit: Pixabay (Image credit: Pixabay)

New evidence suggests that the popular Play ransomware is now being rented out to cybercriminals.

Known as ransomware-as-a-service (RaaS), cybercriminals can pay to use the malware itself alongside the infrastructure needed to pull off an attack.This is a relatively new phenomenon and can provide a steady stream of revenue for malicious cyber gangs.

Security firm Adlumin has been tracking various attacks across multiple industries all leveraging the Play ransomware and found striking similarities between the attacks, suggesting it is being offered in the RaaS format. The similarities between separate attacks included copied passwords in the creation of high-privilege accounts and the same folders used for malware delivery.

Pay-per-Play

In a report, Adlumin stated, “The unusual lack of even small variations between attacks suggests that they are being carried out by affiliates who have purchased the ransomware-as-a-service (RaaS) and are following step-by-step instructions from playbooks delivered with it.

“When RaaS operators advertise ransomware kits that come with everything a hacker will need, including documentation, forums, technical support, and ransom negotiation support, script kiddies will be tempted to try their luck and put their skills to use.”

RaaS has been highlighted by multiple threat intelligence organisations as a growing sector within cybercriminal enterprise, as highly organized cyber gangs rent out their infrastructure, tactics, techniques and procedures to fledgling groups or individuals looking to make some money without the necessary investments in their own architecture.

In the wake of some ransomware attacks, cybercriminals have been known to leverage stolen data by threatening to sell/release it as a means of further extorting organizations and forcing them to pay. The US, alongside a number of other leading economies, recently signed a pledge to never pay a ransom to cybercriminals again.

Via The Hacker News

More from TechRadar Pro

The US government wants to offer better cybersecurity to major infrastructure firms
Keep yourself safe by taking a look at our rankings of the best endpoint protection software
Take a look at our list of the best Black Friday antivirus deals

Benedict Collins is a Staff Writer at TechRadar Pro covering privacy and security. Benedict is mainly focused on security issues such as phishing, malware, and cyber criminal activity, but also likes to draw on his knowledge of geopolitics and international relations to understand the motivations and consequences of state-sponsored cyber attacks. Benedict has a MA in Security, Intelligence and Diplomacy, alongside a BA in Politics with Journalism, both from the University of Buckingham.

Latest

Quordle today – hints and answers for Wednesday, May 8 (game #835)

See more latest ►

Pay-per-Play

Are you a pro? Subscribe to our newsletter

More from TechRadar Pro

Most Popular