Skip to main content

Satan ransomware-as-a-service makes it easy to hold data hostage

Malware is bad enough when it’s the result of individuals or even groups that are engaging one-off attacks. Ransomware, for example, can be particularly devastating, going beyond merely taking over systems to use as botnets and simply stealing personal information to encrypting your vital data and holding it hostage for exorbitant ransoms.

What’s even worse, however, is the growing problem of ransomware-as-a-service (RaaS) platforms, which basically let anyone subscribe to the ability to engage in cyberattacks without needing to come up with their own code. Now, researchers have discovered that the Satan ransomware “solution” is now included in its own RaaS offering, as ZDNet reports.

Recommended Videos

Satan is ransomware that encrypts a victim’s files using RSA-2048 and AES-246 cryptography, which is virtually impossible to decrypt. Therefore, victims are forced to pay the ransom to gain access to the keys needed to recover their data, by going to a Dark Web payment page using a Tor browser and handing over the required amount in Bitcoin currency.

Security research Xylitol first identified Satan as available via RaaS, and anyone who wants to use it for their own cyberattacks can create an account with the Satan domain located in the Dark Web and submit their bitcoin payment. They connect their bitcoin wallet to that account, set a decryption price, and download the malware executables.

It’s all very business as usual, apparently, with the Satan RaaS system going as far as to offer record-keeping functionality like fee payment records and transaction tracking. Satan RaaS customers even have access to customer-relationship management (CRM) features like the ability to attach notes to victim records, and technical support in the way training and instructions.

Satan RaaS customers agree to pay its developers up to 30 percent of the “revenues” generated from ransom payments. According to the Satan sign-up page, “Now, the most important part: the bitcoin paid by the victim will be credited to your account. We will keep a 30 percent fee of the income, so, if you specified a 1 BTC ransom, you will get 0.7 BTC and we will get 0.3 BTC. The fee will become lower depending on the number of infections and payments you have.”

Ransomware currently cost victims an estimated $1 billion in damages in 2016. With RaaS systems like this making it as easy to engage in ransomware campaigns as it is to send mass email messages, we imagine that those damages will be significantly higher in the years to come.

Mark Coppock
Mark Coppock is a Freelance Writer at Digital Trends covering primarily laptop and other computing technologies. He has…
As ransomware hits this U.S. hospital, lives could be at risk
The CommonSpirit Health’s logo appears over the silhouette of a hacker.

A large U.S. hospital chain has been suffering from a serious security breach that has led to its computer records being taken offline. What seems to be a ransomware attack could be affecting the quality of health care provided, possibly even putting lives at risk.
According to the industry-focused news site HealthCareDive, the attack was described as an IT incident by CommonSpirit Health and reported on October 3, 2022. This is a huge hospital chain with 1,000 care sites and 140 hospitals nationwide so thousands of patients are affected. The current solution, according to a statement on CommonSpirit Health’s website, has been to take certain systems offline.

Like the rest of us, doctors and nurses are accustomed to the technology of the 21st century and have come to rely on computer records to take care of patients, plan care options, and organize data. Reverting to paper in an already hectic healthcare system must make the job torturous. We'll never know how many critical details slip through the cracks during a busy day.

Read more
This dangerous new hacker tool makes phishing worryingly easy
Computer user touching on Microsoft Word icon to open the program.

Setting up phishing campaigns for Microsoft 365 has become a relatively straightforward process due to a phishing-as-a-service (PhaaS) platform named Caffeine.

As reported by Bleeping Computer, the service offers a way for cybercriminals to target individuals in order to obtain access to their Microsoft 365 accounts.

Read more
New malware can steal your credit card details — and it’s spreading fast
An individual surrounded by several computers typing on a laptop.

A new, highly dangerous malware called "Erbium" has been making the rounds over the last couple of months, and it's highly likely that it will spread to new channels.

Erbium is an information-stealing tool that targets passwords, credit card information, cookies, cryptocurrency wallets, and more. Unfortunately, it's widely available, which means that it could be used in new ways in the future.

Read more