Fortinet recently encountered a new Ransomware-as-a-Service (RaaS) advertisement called “Encryptor RaaS”. The service is advertised on an onion-based domain via Tor2Web service and Fortinet detects the associated ransomware as W32/Cryptolocker.ABD9!tr.
Interestingly, the seller explicitly calls its website “Ransomware as a Service”, an AV industry language, where the advertised business model closely resembles the recently discovered “Tox” RaaS. The seller earns a 20% commission per infected user who opts to pay ransom. Additionally, all transactions are made via Bitcoin where affiliates or “customers” of this RaaS signs up via their Bitcoin address and victims need Bitcoin to recover their files. Below is a screenshot of the advertisement:
Encryptor RaaS: Yet another new Ransomware-as-a-Service on the Block | Fortinet Blog
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.