What’s even worse, however, is the growing problem of ransomware-as-a-service (RaaS) platforms, which basically let anyone subscribe to the ability to engage in cyberattacks without needing to come up with their own code. Now, researchers have discovered that the Satan ransomware “solution” is now included in its own RaaS offering, as ZDNet reports.
Satan is ransomware that encrypts a victim’s files using RSA-2048 and AES-246 cryptography, which is virtually impossible to decrypt. Therefore, victims are forced to pay the ransom to gain access to the keys needed to recover their data, by going to a Dark Web payment page using a Tor browser and handing over the required amount in Bitcoin currency.
Security research Xylitol first identified Satan as available via RaaS, and anyone who wants to use it for their own cyberattacks can create an account with the Satan domain located in the Dark Web and submit their bitcoin payment. They connect their bitcoin wallet to that account, set a decryption price, and download the malware executables.
It’s all very business as usual, apparently, with the Satan RaaS system going as far as to offer record-keeping functionality like fee payment records and transaction tracking. Satan RaaS customers even have access to customer-relationship management (CRM) features like the ability to attach notes to victim records, and technical support in the way training and instructions.
Satan RaaS customers agree to pay its developers up to 30 percent of the “revenues” generated from ransom payments. According to the Satan sign-up page, “Now, the most important part: the bitcoin paid by the victim will be credited to your account. We will keep a 30 percent fee of the income, so, if you specified a 1 BTC ransom, you will get 0.7 BTC and we will get 0.3 BTC. The fee will become lower depending on the number of infections and payments you have.”
Ransomware currently cost victims an estimated $1 billion in damages in 2016. With RaaS systems like this making it as easy to engage in ransomware campaigns as it is to send mass email messages, we imagine that those damages will be significantly higher in the years to come.
Editors' Recommendations
- What is the Antimalware Service Executable, and should you disable it?
- Ransomware attacks have spiked massively. Here’s how to stay safe
- A massive data breach has left Intel scrambling for solutions
- This new malware is targeting Facebook accounts – make sure yours is safe
- As ransomware hits this U.S. hospital, lives could be at risk
