Latest RaaS news

LockBit ransomware secretly building next-gen encryptor before takedown

LockBit ransomware developers were secretly building a new version of their file encrypting malware, dubbed LockBit-NG-Dev - likely a future LockBit 4.0, when law enforcement took down the cybercriminal's infrastructure earlier this week.
- Bill Toulas
- February 22, 2024
- 08:51 AM
- 0
Knight ransomware source code for sale after leak site shuts down

The alleged source code for the third iteration of the Knight ransomware is being offered for sale to a single buyer on a hacker forum by a representative of the operation.
- Bill Toulas
- February 20, 2024
- 11:28 AM
- 0
Alpha ransomware linked to NetWalker operation dismantled in 2021

Security researchers analyzing the Alpha ransomware payload and modus operandi discovered overlaps with the now-defunct Netwalker ransomware operation.
- Bill Toulas
- February 16, 2024
- 11:07 AM
- 0
Ransomware payments reached record $1.1 billion in 2023

Ransomware payments in 2023 soared above $1.1 billion for the first time, shattering previous records and reversing the decline seen in 2022, marking the year as an exceptionally profitable period for ransomware gangs.
- Bill Toulas
- February 07, 2024
- 09:00 AM
- 1
New Nevada Ransomware targets Windows and VMware ESXi systems

A relatively new ransomware operation known as Nevada seems to grow its capabilities quickly as security researchers noticed improved functionality for the locker targeting Windows and VMware ESXi systems.
- Bill Toulas
- February 01, 2023
- 02:26 PM
- 1
Sponsored Content
The Dark Web is Getting Darker - Ransomware Thrives on Illegal Markets

The dark web is getting darker as cybercrime gangs increasingly shop their malware, phishing, and ransomware tools on illegal cybercrime markets.
- Sponsored by Specops Software
- December 14, 2022
- 10:33 AM
- 1
Microsoft: Exchange servers hacked to deploy BlackCat ransomware

Microsoft says BlackCat ransomware affiliates are now attacking Microsoft Exchange servers using exploits targeting unpatched vulnerabilities.
- Sergiu Gatlan
- June 13, 2022
- 01:14 PM
- 0
ALPHV BlackCat - This year's most sophisticated ransomware

The new ALPHV ransomware operation, aka BlackCat, launched last month and could be the most sophisticated ransomware of the year, with a highly-customizable feature set allowing for attacks on a wide range of corporate environments.
- Lawrence Abrams
- December 09, 2021
- 04:47 PM
- 0
Translated Conti ransomware playbook gives insight into attacks

Almost a month after a disgruntled Conti affiliate leaked the gang's attack playbook, security researchers shared a translated variant that clarifies on any misinterpretation caused by automated translation.
- Ionut Ilascu
- September 02, 2021
- 05:10 PM
- 0
Australian govt warns of escalating LockBit ransomware attacks

The Australian Cyber Security Centre (ACSC) warns of an increase of LockBit 2.0 ransomware attacks against Australian organizations starting July 2021.
- Sergiu Gatlan
- August 08, 2021
- 10:00 AM
- 2
Clop ransomware is back in business after recent arrests

The Clop ransomware operation is back in business after recent arrests and has begun listing new victims on their data leak site again.
- Lawrence Abrams
- June 23, 2021
- 03:35 AM
- 0
Paradise Ransomware source code released on a hacking forum

The complete source code for the Paradise Ransomware has been released on a hacking forum allowing any would-be cyber criminal to develop their own customized ransomware operation.
- Lawrence Abrams
- June 15, 2021
- 11:56 AM
- 7
DarkSide ransomware will now vet targets after pipeline cyberattack

The DarkSide ransomware gang posted a new "press release" today stating that they are apolitical and will vet all targets before they are attacked.
- Lawrence Abrams
- May 10, 2021
- 11:40 AM
- 4
GandCrab ransomware affiliate arrested for phishing attacks

A suspected GandCrab Ransomware member was arrested in South Korea for using phishing emails to infect victims.
- Lawrence Abrams
- March 09, 2021
- 10:07 AM
- 0
Ransomware is a multi-billion industry and it keeps growing

An analysis from global cybersecurity company Group-IB reveals that ransomware attacks more than doubled last year and increased in both scale and sophistication.
- Ionut Ilascu
- March 04, 2021
- 07:34 AM
- 1
Ryuk ransomware now self-spreads to other Windows LAN devices

A new Ryuk ransomware variant with worm-like capabilities that allow it to spread to other devices on victims' local networks has been discovered by the French national cyber-security agency while investigating an attack in early 2021.
- Sergiu Gatlan
- February 26, 2021
- 12:37 PM
- 0
Egregor ransomware affiliates arrested by Ukrainian, French police

A joint operation between French and Ukrainian law enforcement has reportedly led to the arrests of several members of the Egregor ransomware operation in Ukraine.
- Lawrence Abrams
- February 14, 2021
- 01:46 PM
- 1
Dozens of ransomware gangs partner with hackers to extort victims

Ransomware-as-a-service (RaaS) crews are actively looking for affiliates to split profits obtained in outsourced ransomware attacks targeting high profile public and private organizations.
- Sergiu Gatlan
- November 16, 2020
- 02:36 PM
- 0
DarkSide ransomware is creating a secure data leak service in Iran

The DarkSide Ransomware operation claims they are creating a distributed storage system in Iran to store and leak data stolen from victims. To show they mean business, the ransomware gang has deposited $320 thousand on a hacker forum.
- Lawrence Abrams
- November 13, 2020
- 03:00 AM
- 0
REvil ransomware deposits $1 million in hacker recruitment drive

The REvil Ransomware (Sodinokibi) operation has deposited $1 million in bitcoins on a Russian-speaking hacker forum to prove to potential affiliates that they mean business.
- Lawrence Abrams
- September 28, 2020
- 01:30 AM
- 0