Tuesday, December 24, 2024
HomeRansomwareRanion Ransomware-as-a-Service launched on the Dark Web for 'Educational Purposes'

Ranion Ransomware-as-a-Service launched on the Dark Web for ‘Educational Purposes’

Published on

SIEM as a Service

Ransomware-as-a-Service (RaaS) gateway that as of late propelled on the Dark Web is hawking access to a completely working ransomware dispersion organize at to a great degree low costs.

Called Ranion, this new RaaS administration was found by Radware security Researcher Daniel Smith, who discovered it filed on a Dark Web URL indexing service.

In spite of cases that Ranion was made for “educational purposes only,” the gathering behind this new administration is offering access to its ransomware circulation organize at costs of 0.95 Bitcoin/year ($960/year) or 0.6 Bitcoin/6 months ($605/6 months)

- Advertisement - SIEM as a Service

Target File Types:

Ranion ransomware will target the following file types

.txt, .rtf, .doc, .docx, .xls, .xlsx, .ppt, .pptx, .odt, .ods, .jpg, .jpeg,
 .png, .bmp, .csv, .sql, .mdb, .db, .accdb, .sln, .php,.jsp, .asp, .aspx,
 .html, .htm, .xml, .psd, .cs, .java, .cpp, .cc,.cxx, .zip, .pst, .ost, .pab,
 .oab, .msg

crooks said, they’re willing to extend the rundown with new extensions if clients need to target a greater amount of the client’s information.

As per the Ranion team, every purchaser will get access to a pre-arranged ransomware payload that takes a shot at both 32-bit and 64-bit Windows PCs, additionally to a backend board facilitated on the evildoer’s Tor concealed administration (.onion site).

When you will execute the Ransomware.exe it will encrypt any configured file type within PC (searching for files on C-Z HDDs) using an AES 256 key generated that will be sent to your C&C Dashboard. When finished it will create some README files on Desktop (in different languages) (already present eng, rus, ger, fra, esp, ita) and a banner message that will be executed to every Boot (providing details for payment to your Client). Our Ransomware doesn’t destroy your PC by encrypting exe files. Exes files will be not encrypted unless you want to do it.

Image source : Bleeping computer

      Ranion RaaS homepage                                      Ranion RaaS FAQ page

Ranion RaaS payments

Ranion’s less expensive plan of action may pull in more purchasers, yet many will likewise address if Ranion is a trick. To dispell any potential bits of gossip that they may be furtively capturing buy-off installments, the Ranion group is permitting purchasers to test their administration.

To wrap things up, the rental charge additionally incorporates access to the Ranion dashboard, which will furnish purchasers with data, for example, the ID of tainted PCs, the workstations’ usernames, and every casualty’s AES decryption key.

On the off chance that casualties pay, the Ranion RaaS gives a decrypter that “leaseholders” can send to influenced clients and permit them to recover their documents.

                                   Ranion RaaS contact page

A ransomware-as-as-service scheme is enabling even the most technically illiterate cybercriminal to extort payments from victims infected with data-encrypting malware — with the developers of the service taking a significant chunk of the ill-gotten gains.

“Ransomware attacks on businesses large and small reached 638 million last year, up from 2015’s 3.8 million, network security firm SonicWall has reported.”

In its 2017 Annual Threat Report, SonicWall said the rise of ransomware in 2016 was unlike anything it had seen in recent years, noting that the 634.2 million instance increase was “meteoric” in nature.

Also Read :

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Node.js systeminformation Package Vulnerability Exposes Millions of Systems to RCE Attacks

A critical command injection vulnerability in the popular systeminformation npm package has recently been disclosed, exposing...

Skuld Malware Using Weaponized Windows Utilities Packages To Deliver Malware

Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer...

BellaCiao, A new .NET Malware With Advanced Sophisticated Techniques

An investigation revealed an intrusion in Asia involving the BellaCiao .NET malware, as the...

Malicious Apps On Amazon Appstore Records Screen And Interecpt OTP Verifications

A seemingly benign health app, "BMI CalculationVsn," was found on the Amazon App Store,...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

17M Patient Records Stolen in Ransomware Attack on Three California Hospitals

A staggering 17 million patient records, containing sensitive personal and medical information, have been...

NotLockBit – Previously Unknown Ransomware Attack Windows & macOS

A new and advanced ransomware family, dubbed NotLockBit, has emerged as a significant threat...

US Charged Chinese Hackers for Exploiting Thousands of Firewall

The US Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned Sichuan Silence...