Categories: Ransomware

Ranion Ransomware-as-a-Service launched on the Dark Web for ‘Educational Purposes’

Ransomware-as-a-Service (RaaS) gateway that as of late propelled on the Dark Web is hawking access to a completely working ransomware dispersion organize at to a great degree low costs.

Called Ranion, this new RaaS administration was found by Radware security Researcher Daniel Smith, who discovered it filed on a Dark Web URL indexing service.

In spite of cases that Ranion was made for “educational purposes only,” the gathering behind this new administration is offering access to its ransomware circulation organize at costs of 0.95 Bitcoin/year ($960/year) or 0.6 Bitcoin/6 months ($605/6 months)

Target File Types:

Ranion ransomware will target the following file types

.txt, .rtf, .doc, .docx, .xls, .xlsx, .ppt, .pptx, .odt, .ods, .jpg, .jpeg,
 .png, .bmp, .csv, .sql, .mdb, .db, .accdb, .sln, .php,.jsp, .asp, .aspx,
 .html, .htm, .xml, .psd, .cs, .java, .cpp, .cc,.cxx, .zip, .pst, .ost, .pab,
 .oab, .msg

crooks said, they’re willing to extend the rundown with new extensions if clients need to target a greater amount of the client’s information.

As per the Ranion team, every purchaser will get access to a pre-arranged ransomware payload that takes a shot at both 32-bit and 64-bit Windows PCs, additionally to a backend board facilitated on the evildoer’s Tor concealed administration (.onion site).

When you will execute the Ransomware.exe it will encrypt any configured file type within PC (searching for files on C-Z HDDs) using an AES 256 key generated that will be sent to your C&C Dashboard. When finished it will create some README files on Desktop (in different languages) (already present eng, rus, ger, fra, esp, ita) and a banner message that will be executed to every Boot (providing details for payment to your Client). Our Ransomware doesn’t destroy your PC by encrypting exe files. Exes files will be not encrypted unless you want to do it.

Image source : Bleeping computer

      Ranion RaaS homepage                                      Ranion RaaS FAQ page

Ranion RaaS payments

Ranion’s less expensive plan of action may pull in more purchasers, yet many will likewise address if Ranion is a trick. To dispell any potential bits of gossip that they may be furtively capturing buy-off installments, the Ranion group is permitting purchasers to test their administration.

To wrap things up, the rental charge additionally incorporates access to the Ranion dashboard, which will furnish purchasers with data, for example, the ID of tainted PCs, the workstations’ usernames, and every casualty’s AES decryption key.

On the off chance that casualties pay, the Ranion RaaS gives a decrypter that “leaseholders” can send to influenced clients and permit them to recover their documents.

                                   Ranion RaaS contact page

A ransomware-as-as-service scheme is enabling even the most technically illiterate cybercriminal to extort payments from victims infected with data-encrypting malware — with the developers of the service taking a significant chunk of the ill-gotten gains.

“Ransomware attacks on businesses large and small reached 638 million last year, up from 2015’s 3.8 million, network security firm SonicWall has reported.”

In its 2017 Annual Threat Report, SonicWall said the rise of ransomware in 2016 was unlike anything it had seen in recent years, noting that the 634.2 million instance increase was “meteoric” in nature.

Also Read :

Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

View Comments

Recent Posts

Zanubis Android Malware Harvests Banking Credentials and Executes Remote Commands

The Zanubis Android banking Trojan has evolved into a highly sophisticated threat, initially targeting financial…

3 hours ago

Cybercriminals Are Turning Ordinary Citizens Into Money Mules in a New ‘Rent-a-Bank-Account’ Scam

Cybercriminals are exploiting vulnerable individuals by transforming them into unwitting money mules through a sophisticated…

4 hours ago

Worldwide Operation Shuts Down Hundreds of Ransomware Servers and Domains, Ending Key Attack Infrastructure

Law enforcement and judicial officials, working together with Europol and Eurojust, have dealt a devastating…

4 hours ago

Apple Blocked 2 million Malicious App & $9 Billion in Fraudulent Transactions

Apple has strengthened the App Store as a bulwark of confidence, a remarkable testament to…

5 hours ago

DragonForce Ransomware Actors Exploits RMM Tools to Gain Access to Organizations

Sophos Managed Detection and Response (MDR) successfully responded to a sophisticated targeted attack orchestrated by…

5 hours ago

Earth Lamia Hackers Exploits Vulnerabilities in Web Applications to Attack Multiple Industries

Cybersecurity researchers at Trend Research have uncovered the aggressive operations of Earth Lamia, an Advanced…

5 hours ago