New Ransomware as a Service (Raas) Offered — FREE of Charge

New Ransomware Variant Spread Through Free RaaS Offering

As if things couldn’t get worse, hackers have now acquired a free ransomware variant to distribute however they may like.  The latest variant deemed Saturn, is being offered as a Ransomware as a Service (Raas), free of charge.  This means, hackers are provided the malicious code.  From there hackers generate a file for the malicious code, and find a way to distribute it.  They could insert the coding in any file they so choose, meaning it could be a .pdf, .jpeg, .doc, or any other file type.  The exact methods of distribution are unknown; however, it would not be surprising if the Saturn buyers chose to utilize phishing attacks to spread the ransomware.

Once the victim executes the malicious file, the variant determines if the file was opened on a virtual machine.  If so, it exists the process.  If not, an executable is triggered to begin the encryption of data.  Once a file is encrypted, it is renamed to include the term “Saturn”.  The current ransom demand is $300 which doubles after seven days.  For each ransom paid, the attacker gets 70% and the Saturn creator gets 30%.

Saturn ransomware is already public, and is being offered freely on the dark web.

PC Matic customers, as long as you’re running SuperShield, PC Matic’s whitelist technology, you will not become infected by this ransomware variant.  The executable that triggers the encryption will be blocked, as it is not a trusted file.

2,300 total views, 2 views today

(Visited 2,570 times, 1 visits today)

7 thoughts on “New Ransomware as a Service (Raas) Offered — FREE of Charge

  1. With what’she going on these days with mallard and spyware, I wish PC Matic would offer PCMATIC PRO to
    ALL it’s customers. It just cost me $200.00 to rid my desktop of over 900, yes 900 viruses! ! So much for the regular PC Matic.

    • Hi Richard — PC Matic Pro is simply the business version, while PC Matic is for home use. The whitelist, SuperShield, is the primary method for malware detection in both.

      • Well, some people such as myself have a home based business as well as using my computer for regular non work items.
        If the home version worked as well as you people say it did, then why in heaven’s name it didn’t clean my computer of the viruses. Apparently the business version works better than the personal version that I and so many others purchased.

  2. Now if PC Matic would allow me to run my TD Ameritrade broker software, as it keeps listing Ameritrade as a virus. I’ve had to use a computer using Microsoft AV so I can stay in business.

    Occasionally I get the “ransomware” demanding money, from legitimate sites such as Yahoo Finance, requiring me to shutdown the computer. Customer “Service” says this is NOT ransomware, just an inconvenience. So, how do users know when it is real or “inconvenience” ransomware?

    And no, no fixes, customer service has given some totally unworkable “fixes.”
    I wish “service” was a part of the company, till they actually solve the problem, and block “inconvenience” attacks.

    • @Bill:
      Hey Bill, I’m sorry you’re having trouble running the software needed for your business. If you haven’t already, please contact our tech support so we can help get this resolved as we need for you to be satisfied and your pc to be protected. Please go to https://www.pcpitstop.com/support/ click Technical Support, then click Supershield Product, lastly, click the appropriate option under “Click Yes for PC Matic Consumer support, click No if invoiced monthly for Business support”
      From there, follow any prompts.

      Thanks,
      Tex

Leave a Reply

Your email address will not be published. Required fields are marked *