A variant to software-as-a-service is the latest trend in cybercrime. Ransomware developers are selling their malware as a subscription service. The terrifying concept is a growing threat for businesses as petty cyber-theft (low-level attacks and ransom demands) become the norm and easily accessible to unsophisticated threat actors.
One such RaaS comes from the hacker group DarkSide. The group is also responsible for the recent attacks on the US pipeline that caused critical issues for the US government. Even though the group first emerged in 2020, it has since risen to prominence with its RaaS model.
“For initial access to networks, actors usually purchased access credentials on underground forums, conducted brute-force attacks, used spam campaigns to spread malware loaders, and/or bought access to popular botnets such as Dridex, TrickBot, and ZLoader,” Researchers said.
The group is financially motivated and considers itself apolitical. The group gains network access and moves laterally within it, deploys ransomware, and exfiltrates sensitive data.
With COVID-19 phishing schemes also on the rise, RaaS isn’t going anywhere. Asian countries have also witnessed a considerable increase in ransomware attacks.