Ransomware as a Service – Pandora’s Box Has Been Opened…

Ransomware as a service has been a rather lucrative business for hackers, and a new “business opportunity” is up for grabs…

The latest trend in ransomware, from the criminal’s standpoint, is using ransomware as a service.  Meaning they purchase the ransomware and then distribute it as they see fit.  The first time we reported on this was when Stampado was released for a low price of $39.  Think about that.  For less than $50 you could hold the key that could destruct thousands upon thousands of files until your demands are met.  For those whose morals were low enough, they jump at it.  However, Stampado was short lived, due to the decryption codes becoming available.

Unfortunately, this is just the beginning.  Most recently, Virus Guide reported Shark, a ransomware as a service, has become available on the deep web.  Unlike Stampado, Shark is free to users; however the criminals who distribute the ransomware have to pay 20% of their earnings to the authors of the ransomware.  Not a terrible deal, considering they didn’t really do much work.  The ransomware appears to be a basic template for the criminals to do with as they wish.  They’re able to identify which files to attack, the format of encryption, ransom demands, which countries to exclude from the attacks, and have the ability to insert their email address into the ransom letter so victims can communicate how to make payments.

As a PC user, you must do your part to ensure your computer is fully protected.  PC Matic encourages users to take the following steps to properly protect your PC:

  1. Patch Management – To be properly protected, your operating system and applications all must be updated.  Proper patch management takes care of the vulnerabilities found in your OS and applications as soon as fixes are available.
  2. Application Whitelisting – Using a security software that implements application whitelisting will prevent any unwanted programs from executing on your system.
  3. Cyber Security Training – Users must be aware of the current cyber security threats that they could face at any given moment.  Proper training can help users identify the red flags that could prevent a malware infection.

 

(Visited 54 times, 1 visits today)

Leave a Reply

Your email address will not be published. Required fields are marked *