WHAT THE SUNDAY TERROR ATTACK MEANS FOR MALI—AND A... » WHAT THE SUNDAY TERROR ATTACK MEANS FOR MALI—AND AFRICA? At least two people have been killed in a ... Need to "Repeal the Perpetual Illegal Wars" » Charlie Savage of the New York Times reports in "Senators Wrestle With Updating Law Authorizing War ... After Terrorist Attack, Spain Rejected Its Hawks. ... » Email: sam@accuracy.org Husseini is communications director with the Institute for Public Accuracy.... Cisco includes Italtel’s enterprise SDN applicat... » Milan: Italtel has announced its Netwrapper application has been included in the official Cisco GPL ... InfinityQS upholds ISO 9001:2015 & ISO 27001:2013 ... » InfinityQS® International, Inc. (InfinityQS) has announced that it has successfully sustained its ce... New PT Application Firewall easier to deploy, co... » London: Cybersecurity expert Positive Technologies has announced a new version of its web applicatio... Logicalis acquires Packet Systems Indonesia to g... » London: Logicalis, an international IT solutions and managed services provider, together with Metrod... Revolutionary new AI event to launch in London -... » London: With discussion around artificial intelligence (AI) at an all-time high, MACHINA Summit.AI i... Basefarm acquires The unbelievable Machine Compa... » LONDON: Basefarm has announced their acquisition of the Berlin-based The unbelievable Machine Compan... PhishMe takes home SC Europe Awards 2017 » LONDON, UK: PhishMe® Inc. has announced that PhishMe Simulator™ and PhishMe Reporter® were recognise...

CLICK HERE TO

SOCIAL BOOKMARK

Talking Point Banner

According to new research from Recorded Future, a new ransomware Fatboy is being advertised on a Russian-language forum. The ransomware uses a dynamic new targeting strategy that changes the cost of the ransom depending on the victim’s location, using The Economist’s Big Mac Index as a reference.

 

Fatboy is also offered with a ransomware-as-a-service model, with customer support over Jabber, and even a “partner” panel for users to track statistics by country and time.

The research was published as a blog – it’s available online here (https://www.recordedfuture.com/fatboy-ransomware-analysis/)

Ilia Kolochenko, CEO of High-Tech Bridge gives his thoughts: We will see an important growth in the RaaS model in the near future. Many cybercriminals don’t want, or simply don’t have enough skills, to do all the administrative work involved in ransomware – billing, support, money laundering, etc. With the RaaS model, even a kid can successfully receive payments from the victims without bothering about anything but hacking user machines.

There is nothing sophisticated in the RaaS model, it’s just about making this type of cybercrime more accessible and affordable. This is a sign that the cybercrime industry is maturing, like a legitimate business.

The changes in targeting mean that victims from developed countries will probably pay more to get their data back.

In terms of combatting the threat better, first of all, we need to only keep the necessary software on user machines and make sure that all software, not only the OS, is up2date. Client-side security software and various security hardening mechanisms are also very important. Last but not least, continuous security monitoring and anomalies detection systems should be implemented.

Ransomware is about business, not about technology. All the components for ransomware (e.g. encryption mechanisms, exploit packs, etc) have existed for many years. However, with the ransomware approach, victims have no other simple way to get their data back other than to pay. Reliability and certainty of payment makes ransomware especially attractive for cybercriminals.