Thursday, March 28, 2024

“Ransomware as a Service” Provide SATAN Ransomware in Dark web to Make Money

Security researcher Xylitol Discovered a new Ransomware as a Service, or RaaS, called Satan.This administration permits any wannabe criminal to enroll a record and make their own one of a kind tweaked variant of the Satan Ransomware.
Once the ransomware is made, it is then up to the criminal to decide how they will disperse the ransomware, while the RaaS will handle the payoff installments and including new components.

Dark web Link :” http://satan6dll23napb5.onion “

For this administration, the RaaS designer takes a 30% cut of any installments that are made by casualties. As indicated by the ad for the Satan RaaS, the designer will diminish their cut contingent upon the volume of installments got by a partner.

It’s all very business as usual, apparently, with the Satan RaaS system going as far as to offer record-keeping functionality like fee payment records and transaction tracking.

Satan RaaS customers even have access to customer-relationship management (CRM) features like the ability to attach notes to victim records, and technical support in the way training and instructions.

Satan RaaS customers agree to pay its developers up to 30 percent of the “revenues” generated from ransom payments. According to the Satan sign-up page, “Now, the most important part: the bitcoin paid by the victim will be credited to your account. We will keep a 30 percent fee of the income,

so, if you specified a 1 BTC ransom, you will get 0.7 BTC and we will get 0.3 BTC. The fee will become lower depending on the number of infections and payments you have.”

The Satan RaaS

When a person first goes to the Satan RaaS they will be greeted with a home page that describes what the service is and how a criminal can make money with it.

Once a user registers an account and logs in, they will be greeted with an affiliate console that contains various pages that they can use to help distribute their ransomware.

These pages are the Malwares, Droppers, Translate, Account, Notices, and Messages pages.

The first page that is shown when someone logs in is the Malwares page, which allows a criminal to configure various settings of their very customized version of the Satan Ransomware. In terms of customization, there is not really many options.

A user can specify the ransom amount, how much it goes up after a certain amount of the days, and the amount of days that the ransom payment should increase.

The Satan platform contains a number of other features including fee payment records, transaction tracking, Satan version releases, and dropper creation.

Users can also create “notes” related to their victims, learn about how to set up gateway proxies, and are given instructions on how to test their malware on a physical machine.

Lastly, Satan’s creators warn users not to upload their malware to VirusTotal or other online scanners — as doing so will give white-hat researchers the code sample required to update and protect Windows machines from the threat.

Website

Latest articles

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...

Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers

A critical vulnerability in Ray, an open-source AI framework that is widely utilized across...

Chinese Hackers Attacking Southeast Asian Nations With Malware Packages

Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two...

CISA Warns of Hackers Exploiting Microsoft SharePoint Server Vulnerability

Cybersecurity and Infrastructure Security Agency (CISA) has warned about a critical vulnerability in Microsoft...

Microsoft Expands Edge Bounty Program to Include WebView2!

Microsoft announced that Microsoft Edge WebView2 eligibility and specific out-of-scope information are now included...

Beware of Free Android VPN Apps that Turn Your Device into Proxies

Cybersecurity experts have uncovered a cluster of Android VPN applications that covertly transform user...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles