EXECUTIVE SUMMARY:

A ransomware-as-a-service (RaaS) group has devised a new revenue sharing scheme in conjunction with hackers. Any hacker who successfully carries out an attack passes a percentage of the bounty to the malware developers. The arrangement permits the developers to continue focusing on malware development, leaving the task of seeking out new attack targets to others. It also allows the developers to hide behind a curtain.

“Malware authors are looking to make profits with as low of a risk as possible and the RaaS/affiliate model does just that…we can expect the rise of RaaS and affiliate model programs to continue,” says one expert.

The state of ransomware, right now:

In the second quarter of 2020, the proportion of organizations that chose to pay ransomware fees increased. If it’s between losing the business or paying the fees, execs sometimes opt for the latter. Despite a resigned willingness to pay the fees and play the game, in recent months, even after hackers have restored files, organizations have begun to see rising levels of operating system and registry corruption.

The average ransomware payment to hackers has hit $170,000, according to one report. The favored payment method is still Bitcoin, although some have begun to shift towards Monero, as it offers a higher degree of privacy and anonymity.

Ransomware as a lucrative, growing industry:

Ransomware groups stash millions in the bank. One group alone extracted $60 million from victims across 18 months. As the cash pools grow, ransomware developers continue hiring more developers, and continue with affiliate programs, enabling them to operate as full-scale shadow businesses.

Ransomware has been around a long time, but 50% of IT professionals still assert that their industry isn’t adequately prepared to handle an incident. Share on X For more on this story, visit Cointelegraph.com.