Ransomware as a Service System Goes Live

Many companies, hospitals, universities, banks and other financial institutions are being infected by ransomware. Many ransomware families were launched on the black market this year, pushing victims to pay millions in ransom. Petya and Mischa, two of the most popular ransomware families of 2016, have already threatened businesses with their successful file encryption.

The developers of the Petya and Mischa ransomware have officially opened their malicious software to the public and started a Ransomware as a Service (RAAS) program. The program launched on July 25, 2016, and pays each distributor a fair share based on the amount of bitcoin they extort from victims.

A 25% share is paid on each 5 bitcoin, while a total of 125 bitcoin per week can earn up to an 85% share. The more bitcoin a distributor brings in, the higher the percentage. The developers of the RAAS are eager to work only with serious distributors, to make the most of it before any counter technique is developed.

Petya requires administrative privileges to run so that it can replace the Master Boot Record (MBR) and encrypt the Master File Table (MFT), which contains critical information about every file. A single dropper is capable of installing either Petya or Mischa on a victim’s computer: if administrative privileges are not obtained, Mischa infects the victim instead.

While researching the Petya ransomware, Lawrence Abrams said:

“Petya causes Windows to reboot in order to execute the new malicious ransomware loader, which will display a screen pretending to be CHKDSK. During this fake CHKDSK stage, Petya will encrypt the Master File Table on the drive. Once the MFT is corrupted, or encrypted in this case, the computer does not know where files are located, or if they even exist, and thus they are not accessible.”
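Because Petya replaces the Master Boot Record, a defender can detect the change by comparing sector 0 against a known-good baseline. The following is an added example, not part of the original article: the function names and the sample sectors are constructed for illustration, and it assumes a classic MBR-partitioned disk whose first 512 bytes have already been read.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 446            # bootstrap code area of a classic MBR
ENTRY = struct.Struct("<B3xB3xII")  # status, CHS, type, CHS, LBA start, sector count
BOOT_SIGNATURE = b"\x55\xaa"   # last two bytes of a valid MBR


def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte MBR into boot-code hash, partition entries, signature."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR sector is exactly 512 bytes")
    parts = []
    for i in range(4):
        fields = ENTRY.unpack_from(sector, BOOT_CODE_LEN + ENTRY.size * i)
        if fields[1] != 0:     # partition type 0 marks an unused slot
            parts.append(fields)
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": parts,
        "signature_ok": sector[510:] == BOOT_SIGNATURE,
    }


def compare_to_baseline(baseline: bytes, current: bytes) -> list:
    """Return findings describing how `current` differs from `baseline`."""
    base, cur = parse_mbr(baseline), parse_mbr(current)
    findings = []
    if not cur["signature_ok"]:
        findings.append("boot signature missing")
    if cur["boot_code_sha256"] != base["boot_code_sha256"]:
        findings.append("bootstrap code changed")
    if cur["partitions"] != base["partitions"]:
        findings.append("partition table changed")
    return findings


def build_sample(boot_code: bytes, partitions: list) -> bytes:
    """Construct a synthetic sector for the demo; no disk is read."""
    table = b"".join(ENTRY.pack(*p) for p in partitions)
    return boot_code.ljust(BOOT_CODE_LEN, b"\0") + table.ljust(64, b"\0") + BOOT_SIGNATURE


# Constructed sample data: one bootable NTFS-type (0x07) partition at LBA 2048.
BASELINE = build_sample(b"constructed-original-loader", [(0x80, 0x07, 2048, 204800)])
REPLACED = build_sample(b"constructed-different-loader", [(0x80, 0x07, 2048, 204800)])

if __name__ == "__main__":
    print(compare_to_baseline(BASELINE, BASELINE))
    print(compare_to_baseline(BASELINE, REPLACED))
```

The baseline sector should be captured while the machine is known to be clean and stored off the host, so that the comparison cannot be altered along with the disk.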

A decryption tool is available to defend against Petya ransomware, but not against Mischa. That is somehow making RAAS a good business with lots of distributors and profit.

Tim O’Brien, Director of Threat Research at Cloud Security Automation Company, said that:

“Above all else, end user awareness and training regarding the screening of emails and downloading files is the first line of defense.”

Therefore, when it comes to protecting an organization against ransomware, backing up devices regularly should be considered, at least until a counter application is developed. Installing a reputable and trusted security solution is also recommended to help prevent ransomware attacks, including those delivered through suspicious links and email attachments.

Ehacking Staff