Ransomware as a Service System Goes Live

Many companies, hospitals, universities, banks and other financial institutions are being infected by ransomware. Many ransomware families have been launched on the black market this year, driving victims to pay millions in ransom. Petya and Mischa, two of the most popular ransomware families of 2016, have already threatened businesses with their successful file encryption.

The developers of the Petya and Mischa ransomware have officially opened their malicious software to the public and started a Ransomware as a Service (RAAS) program. The program launched on July 25, 2016 and pays each distributor a share based on the amount of bitcoins they extort from victims.

A 25% share is paid on each 5 bitcoin, while a total of 125 bitcoin per week can earn a distributor up to an 85% share; the more bitcoin collected, the higher the percentage. The developers of the RAAS are eager to work only with serious distributors, to make the most of it before any counter technique is developed.

Petya requires administrative privileges to run so that it can replace the Master Boot Record (MBR) and encrypt the Master File Table (MFT), which contains critical information about every file. A single dropper is capable of installing either Petya or Mischa onto a victim’s computer: if administrative privileges are not obtained, Mischa infects the victim instead.

While researching the Petya ransomware, Lawrence Abrams said:

“Petya causes Windows to reboot in order to execute the new malicious ransomware loader, which will display a screen pretending to be CHKDSK. During this fake CHKDSK stage, Petya will encrypt the Master File Table on the drive. Once the MFT is corrupted, or encrypted in this case, the computer does not know where files are located, or if they even exist, and thus they are not accessible.”

A decryption tool is available to defend against the Petya ransomware, but not against Mischa. That is part of what makes RAAS a good business, with many distributors and plenty of profit.

Tim O’Brien, Director of Threat Research at Cloud Security Automation Company, said:

“Above all else, end user awareness and training regarding the screening of emails and downloading files is the first line of defense.”

Therefore, when it comes to protecting an organization against ransomware, regular device backups should be considered until a counter application is developed. Installing a reputable, trusted security solution is also recommended so that ransomware attacks, including those delivered through suspicious links and email attachments, can be prevented.

Ehacking Staff