Ransomware Gangs Using Data Leak Sites to Recruit New Affiliates

Security Intelligence -

Ransomware Gangs Using Leak Sites to Recruit New Affiliates

Ransomware gangs have a new technique to recruit affiliates: posting announcements on their own data websites. This provides a look into today’s so-called (RaaS), in which people can pay to have some of the work automated for them. This shift has come about in large part because two major ransomware forums banned gangs from promoting their RaaS schemes.

Take a look at what types of messaging a few groups are using on their sites to invite attackers in.

Boasting and Warnings Abound

In late June, the LockBit group announced a new version of their ransomware strain on their data leaks site. The malware authors announced a new recruitment session at the same time as their announcement of LockBit 2.0.

The gang claimed their product carried “unparalleled benefits [including] speed and self-spread function.” All an affiliate needed to do in an was “get access to the core server, while LockBit 2.0 will do all the rest.” Then, the infection would spread to all devices on the domain , they stated.

The Himalaya RaaS gang began looking

Read More: https://securityintelligence.com/news/ransomware-gangs-using-data-leak-sites-new-affiliates/