Ransomware as a Service System Goes Live

Many companies, hospitals, universities, banks and other financial institutions are being infected by ransomware. Many ransomware strains were launched on the black market this year, forcing victims to pay millions in ransom. Petya and Mischa, two of the most popular ransomware strains of 2016, have already threatened businesses with their successful file encryption.

The developers of the Petya and Mischa ransomware have officially opened their malicious software to the public and started a Ransomware as a Service (RAAS) program. The program launched on July 25, 2016, and pays each distributor a fair share based on the amount of bitcoins they extort from victims.

A 25% share is paid on each 5 bitcoin, while a total of 125 bitcoin per week can earn a share of up to 85%. The more bitcoin a distributor collects, the higher the percentage share. The RAAS developers want to work only with serious distributors, to make the most of the scheme before any counter-technique is developed.

Petya requires administrative privileges to run so that it can replace the Master Boot Record and encrypt the Master File Table (MFT), which contains critical information about every file. A single dropper is capable of installing either Petya or Mischa onto a victim’s computer. If administrative privileges are not obtained, Mischa infects the victim instead.

While researching the Petya ransomware, Lawrence Abrams said:

“Petya causes Windows to reboot in order to execute the new malicious ransomware loader, which will display a screen pretending to be CHKDSK. During this fake CHKDSK stage, Petya will encrypt the Master File Table on the drive. Once the MFT is corrupted, or encrypted in this case, the computer does not know where files are located, or if they even exist, and thus they are not accessible.”
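Because Petya replaces the Master Boot Record, comparing sector 0 of a disk against a recorded baseline is one way to notice the change. The following is an added example, not code from this article or from any tool it mentions; the function names and sample bytes are constructed for illustration, and reading the real sector (which needs administrative rights) is left out.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_END = 446            # bytes 0-445: bootstrap code
TABLE_END = 510                # bytes 446-509: four 16-byte partition entries
BOOT_SIGNATURE = b"\x55\xaa"   # bytes 510-511

def fingerprint_mbr(sector: bytes) -> dict:
    """Hash the boot code and partition table of a 512-byte MBR separately."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR sector is exactly 512 bytes")
    partitions = []
    for offset in range(BOOT_CODE_END, TABLE_END, 16):
        # status, CHS start (skipped), type, CHS end (skipped), LBA start, sector count
        status, ptype, lba, count = struct.unpack("<B3xB3xII", sector[offset:offset + 16])
        if ptype != 0:             # type 0 marks an unused slot
            partitions.append({"bootable": status == 0x80, "type": ptype,
                               "lba_start": lba, "sectors": count})
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_END]).hexdigest(),
        "table_sha256": hashlib.sha256(sector[BOOT_CODE_END:TABLE_END]).hexdigest(),
        "signature_ok": sector[TABLE_END:] == BOOT_SIGNATURE,
        "partitions": partitions,
    }

def compare_to_baseline(baseline: dict, current: dict) -> list:
    """Return the MBR regions that differ from the recorded baseline."""
    findings = []
    if current["boot_code_sha256"] != baseline["boot_code_sha256"]:
        findings.append("boot_code_changed")
    if current["table_sha256"] != baseline["table_sha256"]:
        findings.append("partition_table_changed")
    if not current["signature_ok"]:
        findings.append("bad_boot_signature")
    return findings

def make_sample_sector(boot_code: bytes) -> bytes:
    """Build a constructed MBR: given boot code plus one bootable NTFS entry."""
    entry = struct.pack("<B3xB3xII", 0x80, 0x07, 2048, 204800)
    table = entry + bytes(48)      # three unused partition slots
    return boot_code.ljust(BOOT_CODE_END, b"\x00") + table + BOOT_SIGNATURE

# Constructed sample data, not bytes from any real loader or malware.
BASELINE = fingerprint_mbr(make_sample_sector(b"\xfa\x33\xc0\x8e\xd0"))
REWRITTEN = fingerprint_mbr(make_sample_sector(b"\xeb\xfe" * 8))

if __name__ == "__main__":
    print(compare_to_baseline(BASELINE, BASELINE))
    print(compare_to_baseline(BASELINE, REWRITTEN))
```

A changed boot code hash is a prompt for investigation rather than proof of infection, since installing a boot manager or disk encryption product also rewrites this region.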

A decryption tool is available for Petya, but not for Mischa. That somehow makes RAAS a good business, with lots of distributors and profit.

Tim O’Brien, Director of Threat Research at Cloud Security Automation Company, said that:

“Above all else, end user awareness and training regarding the screening of emails and downloading files is the first line of defense.”

Therefore, when it comes to protecting an organization against ransomware, backing up devices regularly should be considered until a counter-application is developed. Installing a reputable and trusted security solution is also recommended, so that ransomware attacks, including those delivered through suspicious links and email attachments, can be prevented.

Ehacking Staff