fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Ransomware Gangs Now Creating Websites to Recruit Affiliates

Ransomware Gangs Now Creating Websites to Recruit Affiliates

Ever since two prominent Russian-speaking cybercrime forums banned ransomware-related topics [12], criminal operations have been forced to promote their service through alternative methods.

At least two ransomware gangs in need of hackers to run the attacks have been using their sites to advertise features of their encryption tools to attract new recruits.

Showing off to tempt affiliates

About a week ago, LockBit ransomware gang announced a new major version for their tool, claiming significant improvement for the encryption speed.

To support their claim, the threat actor apparently tested versions of multiple ransomware pieces and published their measurements for file encryption speed.

With launching LockBit 2.0, the ransomware developers also announced a new affiliate recruitment session, highlighting that the encryption they use has not faltered since the operation started in September 2019.

“The only thing you have to do is to get access to the core server, while LockBit 2.0 will do all the rest. The launch is realized on all devices of the domain network in case of administrator rights on the domain controller,” says the LockBit ransomware gang.

Also Read: PDPA Singapore Guidelines: 16 Key Concepts for your Business

LockBit ransomware looking for new affiliates

To attract partners, LockBit claims to offer the fastest encryption and file-stealing (StealBit) tools “all over the world.”

This move from LockBit comes after the actor in late May tried to get ransomware talks back on a popular Russian-speaking forum by proposing a private section only for “authoritative users, in whom there is no doubt.”

While one user thought this to be a good idea, they also pointed out that the ransomware topic “is now better known than ISIS terrorists,” meaning that the forum would get unwanted attention.

LockBit proposes private section on hacker forum

Another gang promoting their ransomware-as-a-service (RaaS) operation on their website recently is Himalaya, an actor that started its activity this year.

Except for using their site to spread the word, Himalaya does not seem any different than other ransomware programs. They advertise a 70% commission for affiliates and an “already configured and compiled FUD [Fully UnDetectable]” file-encrypting malware.

As seen from the announcement below, Himalaya lays out a strict rule about the targets and apparently does not allow attacking healthcare, public, and non-profit organizations. 

Himalaya ransomware advertises its RaaS operation

Also Read: Data Protection Officer Singapore | 10 FAQs

While BleepingComputer knows of just LockBit and Himalaya to actively advertise their RaaS operation on their websites at the moment, other ransomware gangs could adopt the tactic if it proves successful.

Threat intelligence company KELA says that not all ransomware groups are this loud in their search for affiliates, though.

The REvil gang, for instance, prefers to operate discretely and relies on its network of affiliates and connections to get new partners when they need them, KELA says.

In mid-May, immediately after ransomware got banned on one forum, the REvil group announced that they would carry their activity in private.

Other prominent groups are likely to keep their head low considering the active hunt for ransomware actors that intensified after DarkSide encrypted Colonial Pipeline systems, disrupting fuel distribution in the U.S., especially on the East Coast.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us