Cybersecurity experts knew that fresh ransomware variants would be rapidly unveiled in 2017, continuing the successful legacy of the year prior which saw ransomware revenues topping the $1 billion mark. Unfortunately, the year thus far is probably exceeding expectations after new strains of the malicious malware entitled Popcorn Time and Spora were identified in January. Now a new strain has unveiled its dark presence and is aptly named, Satan, Prince of Darkness.
Satan is the latest unveiled malware threat in the form of Ransomware as a Service or RaaS. The premise behind RaaS is similar to most any Software as a Service offering in that a new variant of Ransomware is created and then marketed through distribution channels for customers to purchase. Hacker wannabees with little knowledge or skill set as well as regular folks with little or no scruples can subscribe to RaaS and essentially start a turnkey extortion business. Subscribers then distribute and deliver the nefarious malware to potential victims hoping for a hit. Each time a victim pays a ransom in culmination of their efforts, the subscriber and the ransomware creator split the take.
The Satan virus can be accessed via its dedicated website on the Tor network. Unlike earlier forms of RaaS that charge an upfront fee that ranges anywhere from $39 to $400, Satan is free. The site prominently posts the following explanation of its services:
Besides the ransomware itself, the creators offer a number of additional features as well including fee payment records and transaction tracking so that subscribers can see how many instances were successful and the amount of their payouts. In order to assist true amateurs, Satan provides easy to follow tutorials to assist subscribers in the creation of droppers that serve as the delivery mechanism of the malware through spam or drive by downloads. The Satan interface even includes an area in which subscribers can translate their ransomware into different languages in order to communicate with their victims to better guide them through the payment process. Like most recent ransomware releases, there is a customer service portal that allows subscribers to issue service requests. Once registered, subscribers are offered a public key for two-factor authentication and are required to connect a bitcoin wallet to their account in order to receive their share of the ransom payments.
For all of this, the creators of Satan only take a 30% cut although this commission rate can be negotiated once a subscriber achieves a high volume of successful transactions. The recommended ransom is currently one bitcoin.
Satan and other RaaS offerings are increasing the proliferation of ransomware as a greater volume of hackers, knowledgeable or not, partake in this profitable criminal activity. Due to the sheer simplicity of subscribing and implementing the Satan business plan, this new release is sure to darken the year ahead.
Ransomware creators continue to integrate innovations into their nefarious products. Some of the latest features include:
Thankfully so far recorded infection and exposure rates to the Satan malware are low. Saying that, 2017 looks to be another dark year for network security thanks to the escalating rate at which new ransomware variants are coming to market. Ransomware is the fastest growing malware threat today. The pace of evolution is also increasing, with each new variant more sophisiticated and dangerous than its predecessor. Security technologies should be simple and easy to deploy, complexities only introduce risk. Security must be inherent and pervasive across the organisation, that includes the entire network, the data center, on end points and in the cloud. Lean on your security vendors and leverage their in depth experience in order to increase your organisations security posture.
Sign-up for email updates...