Skip to main content

Satan ransomware-as-a-service makes it easy to hold data hostage

ransomware wannacry exploit attacking pc security padlock
Maksim Kabakou/Shutterstock.com
Malware is bad enough when it’s the result of individuals or even groups that are engaging one-off attacks. Ransomware, for example, can be particularly devastating, going beyond merely taking over systems to use as botnets and simply stealing personal information to encrypting your vital data and holding it hostage for exorbitant ransoms.

What’s even worse, however, is the growing problem of ransomware-as-a-service (RaaS) platforms, which basically let anyone subscribe to the ability to engage in cyberattacks without needing to come up with their own code. Now, researchers have discovered that the Satan ransomware “solution” is now included in its own RaaS offering, as ZDNet reports.

Satan is ransomware that encrypts a victim’s files using RSA-2048 and AES-246 cryptography, which is virtually impossible to decrypt. Therefore, victims are forced to pay the ransom to gain access to the keys needed to recover their data, by going to a Dark Web payment page using a Tor browser and handing over the required amount in Bitcoin currency.

Security research Xylitol first identified Satan as available via RaaS, and anyone who wants to use it for their own cyberattacks can create an account with the Satan domain located in the Dark Web and submit their bitcoin payment. They connect their bitcoin wallet to that account, set a decryption price, and download the malware executables.

It’s all very business as usual, apparently, with the Satan RaaS system going as far as to offer record-keeping functionality like fee payment records and transaction tracking. Satan RaaS customers even have access to customer-relationship management (CRM) features like the ability to attach notes to victim records, and technical support in the way training and instructions.

Satan RaaS customers agree to pay its developers up to 30 percent of the “revenues” generated from ransom payments. According to the Satan sign-up page, “Now, the most important part: the bitcoin paid by the victim will be credited to your account. We will keep a 30 percent fee of the income, so, if you specified a 1 BTC ransom, you will get 0.7 BTC and we will get 0.3 BTC. The fee will become lower depending on the number of infections and payments you have.”

Ransomware currently cost victims an estimated $1 billion in damages in 2016. With RaaS systems like this making it as easy to engage in ransomware campaigns as it is to send mass email messages, we imagine that those damages will be significantly higher in the years to come.

Editors' Recommendations

Mark Coppock
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
New malware can steal your credit card details — and it’s spreading fast
An individual surrounded by several computers typing on a laptop.

A new, highly dangerous malware called "Erbium" has been making the rounds over the last couple of months, and it's highly likely that it will spread to new channels.

Erbium is an information-stealing tool that targets passwords, credit card information, cookies, cryptocurrency wallets, and more. Unfortunately, it's widely available, which means that it could be used in new ways in the future.

Read more
This game lets hackers attack your PC, and you don’t even need to play it
Genshin Impact characters.

Hackers have been abusing the anti-cheat system in a massively popular game, and you don't even need to have it installed on your computer to be affected.

The game in question is called Genshin Impact, and according to a new report, hackers are able to utilize the game's anti-cheat measures in order to disable antivirus programs on the target machine. From there, they're free to conduct ransomware attacks and take control of the device.

Read more
Hacking-as-a-service lets hackers steal your data for just $10
A depiction of a hacker breaking into a system via the use of code.

A new (and cheap) service that offers hackers a straightforward method to set up a base where they manage and perform their cyber crimes has been discovered -- and it’s gaining traction.

As reported by Bleeping Computer, security researchers unearthed a program called Dark Utilities, effectively providing a command and control (C2) center.

Read more