The NetWalker ransomware – the scourge behind one of the recent Toll Group attacks – has transitioned to a ransomware-as-a-service (RaaS) model, and its operators are placing a heavy emphasis on targeting and attracting technically advanced affiliates, according to researchers. Traditionally, “technically advanced” and RaaS don’t tend to go together – after all, one of the benefits of the RaaS model is that newbie threat actors can simply rent the infrastructure and the tools they need to carry out an attack, rather than develop anything themselves. In the case of NetWalker however, the operators are bucking that trend. “The collective is selectively choosing the affiliates it collaborates with, creating an exclusive group of top-tier network intruders to execute its new RaaS business model,” said researchers with Advanced Intelligence, in a Tuesday posting. They added, “This new business model allows NetWalker to collaborate with other seasoned cybercriminals who already have access to large networks and have the ability to disseminate ransomware.” NetWalker’s creators, according to the analysis, has two methods that it uses to distribute its ransomware. One is the typical phishing and spam avenue used by most malware operators; and the other is via large-scale network infiltration. “NetWalker now claims a singular preference for network infiltration, which is novel to the Russian-speaking ransomware community,” explained the researchers, who added that in the…
0 0 govanguard https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2020-05-20 13:37:002020-05-20 13:37:00NetWalker Ransomware Gang Hunts for Top-Notch Affiliates
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email firstname.lastname@example.org