What is ransomware-as-a-service (RaaS)?

In the past few years, the dominating theme in IT media articles was none other than ransomware. Emerging a more elaborate threat than the previous one continues the reign of cyber terror. Needless to say, how much trouble and financial losses notorious Locky, Cerber, CryptoLocker, Dharma virus and similar caused for the virtual community. Besides, we can only guess the amount of money the professionally-made Spora ransomware will swindle from its victims. While their name might have sparked terror for ordinary users, others netizens, devoid of programming knowledge, secretly admired them[1]. News about earned millions of dollars encouraged them to look for a workaround. And so they found it – ransomware-as-a-service (RaaS).

The greed for money[2] inspired crypto-malware authors to look for additional ways to boost their profit. On the other side of a fence, users watched envious of how crooks multiplied their profit. News about the invincibility of file-encrypting threats and the rate of success – 49% of corporate users succumbed to hackers’ demands – fueled users’ desire to join the black market. Cyber villains were quick to spot a huge potential in such crowd of wannabe hackers. Likewise, ransomware as a service[3], or shortly, RaaS emerged.

How does this process work? Those who are working behind these viruses need to post a virus in a dark web with all necessary configuration information. Everyone who wants to join the game are required to download Tor browser and access the dark web. Afterward, they are asked to purchase the rights to distribution, access virus servers, and dashboards.

RaaS is booming

The developers of RaaS viruses[4] tend to collect a share, approximately ¼, of all the profits earned from their ransomware collaborators earned. The original malware creator also educates his henchmen how to distribute the virus via exploit kits and corrupted ads. Some of RaaS viruses can be spread just after joining the affiliate network. The first ones who offered such possibility are developers of Petya and Mischa rasomware viruses.

Last year, research reports unveiled that the RaaS ring is worth $2,5 million[4]. During this period, approximately 165 campaigns were discovered with much more news launched every day. The market is vivid and ever-evolving as viruses, previously known as ordinary ransomware, e.g. Spora virus, enter the market. Despite how dark and depressing the cyber future may look like, it is useful to remember that IT experts restlessly confront cyber criminals. Sooner or later, news about highly dangerous viruses come into daylight[5]. Latest threats stun with their complexity and penetration abilities, however, besides keeping your operating system up-to-date, retain common sense. Rational thinking might help you evade a virtual menace.

About the author
Julie Splinters
Julie Splinters - Anti-malware specialist

Julie Splinters is the News Editor of 2-spyware. Her bachelor was English Philology.

Contact Julie Splinters
About the company Esolutions

Read in other languages