Check Point has identified a new ransomware-as-a-service group named VanHelsing, which has emerged recently and is notable for targeting Microsoft Windows systems. Launched on March 7, the operation has already compromised three organizations, each facing ransom demands of $500,000. Moreover, the affiliate program has a notable structure, requiring new members to pay a $5,000 deposit while offering a high payout split to affiliates. Despite claims of cross-platform capability, all known victims so far are Windows users. The ongoing development and updates suggest that VanHelsing is rapidly evolving.
The ransomware is really fresh," Eli Smadja, research group manager at Check Point, told The Register Monday.
For example, they published the first announcement of the creation of the affiliate program on March 7.
The payout split favors affiliates, who pocket 80 percent of ransom payments, leaving the remaining 20 percent for the RaaS operators.
VanHelsing is a freshly developed ransomware strain, rather than a quick rebrand of existing malware code.
Collection
[
|
...
]