First hackers created a formidable ransomware. Then, when word got out about how to avoid this ransomware, they began to bundle a second ransomware to create an encryption catch-22. Now, the developers of the Petya and Mischa ransomware have adopted a Ransomware-as-a-Service model and have opened their nefarious malware up to distribution.
Anyone willing to send an entry fee to the developers can begin their own ransomware franchise, of sorts, working as affiliates. These affiliates are then paid a percentage of the booty based on the amount of ill-gotten funds they weasel out of their victims.
According to the welcome screen for those looking to utilize Petya, for bounties amounting to less than 5 Bitcoin each week, the affiliate receives a commission of 25 percent, whereas larger bounties (above 125 Bitcoin) are worth a considerably larger 85 percent of the haul. Clearly, these hackers are more focused on distributing their malware as widely as possible than they are on making a profit. The ransomware developers are providing their 125 Bitcoin-affiliates with a whopping $69,880.63 for sharing their program with victims who may have been previously unreachable.
As another incentive for cybercriminals to adopt the RaaS model, the author released online the keys to Chimera, another ransomware, allowing antivirus developers to create the means of neutralizing the older threat, thereby clearing the field for Petya and Mischa to dominate.
In doing so, the developers of Petya and Mischa have created a perfect storm to distribute their ransomware. By allowing unscrupulous individuals to make a quick buck (or Bit) for contributing to the spread of this ransomware, the developers succeeded in creating a deviously simple method to propagate their malware. Ultimately, this model of ransomware distribution brings in a significant sum of cash, despite sacrificing a pretty hefty portion of the incoming funds
Now that the dastardly duo that is Petya and Mischa is up for rent (with an upgraded Petya no longer vulnerable due to weak encryption) it is more important than ever to remain diligent against threats of all kinds, not only those that come via a misleading email. This diligence needs to become a concrete feature of your security protocol. Otherwise, your company could very well crumble after a RaaS attack or other assault.
Subscribe to our blog to keep up with all the latest news and alerts!