Ransomware as a Service System Goes Live

Many companies, hospitals, universities, banks and other financial institutions are being infected by ransomware. Many ransomware families launched on the black market this year have led victims to pay millions in ransom. Petya and Mischa, two of the most popular ransomware families of 2016, have already threatened businesses with their successful file encryption.

The developers of the Petya and Mischa ransomware have officially opened their malicious software to the public and started a Ransomware as a Service (RAAS) program. The program launched on July 25, 2016, and pays each distributor a fair share based on the amount of bitcoin they extort from victims.

A 25% share is paid on each 5 bitcoin, while a total of 125 bitcoin per week can earn a distributor up to an 85% share. The more bitcoin collected, the higher the percentage. The developers of the RAAS are eager to work only with serious distributors, to make the most of it before any counter-technique is developed.

Petya requires administrative privileges to run so that it can replace the Master Boot Record (MBR) and encrypt the Master File Table (MFT), which contains critical information about every file. A single dropper is capable of installing either Petya or Mischa onto a victim’s computer: if administrative privileges are not obtained, Mischa infects the victim instead.

While researching the Petya ransomware, Lawrence Abrams said:

“Petya causes Windows to reboot in order to execute the new malicious ransomware loader, which will display a screen pretending to be CHKDSK. During this fake CHKDSK stage, Petya will encrypt the Master File Table on the drive. Once the MFT is corrupted, or encrypted in this case, the computer does not know where files are located, or if they even exist, and thus they are not accessible.”

A decryption tool is available for Petya, but not for Mischa. That helps make RAAS a good business, with many distributors and plenty of profit.

Tim O’Brien, Director of Threat Research at Cloud Security Automation Company, said:

“Above all else, end user awareness and training regarding the screening of emails and downloading files is the first line of defense.”

Therefore, when it comes to protecting an organization against ransomware, backing up devices regularly should be considered until a counter-application is developed. Installing a reputable and trusted security solution is also recommended, so that ransomware attacks, including those arriving through suspicious links and email attachments, can be prevented.

Ehacking Staff