Fatboy Ransomware-as-a-Service makes Debut
One fresh ransomware-as-a-service (RaaS) program known as 'Fatboy' can be seen advertised on cyber-crime portals that use Russian language. The program is unique in the sense it relies on some sort of sliding scale for deciding how much money to extort from the victims.
According to Recorded Future a Threat Intelligence Company, Fatboy utilizes Big Mac Index of The Economist magazine that lists the exchange rates for making sure victims from higher living standard areas are asked to pay larger ransoms than others from less costly areas for decrypting their encrypted files. Thus, victims of Fatboy from richer countries will be squeezed of more money compared to those living in less wealthy nations.
The data encoding malicious software is getting served via certain RaaS module, providing client support through Jabber as well as one "partner" panel to enable end-users towards deciphering stats on infection from country to country and from one time to another.
Prominent because of its unique ransom note, the Fatboy ransom software is quite same in the way CTB-Locker and Critroni have their ransom note. The two notes are also similar in their long-winded texts as well as lengthy HTML-based ransom declarations giving guides and instructions to contaminated users. Bleepingcomputer.com posted this online dated May 5, 2017.
It is reported that Fatboy RaaS' creator, starting 7th February, 2017, has made revenue of no less than $5,321 through his ransomware propaganda schemes of the product. Fatboy encodes individual files using the AES-256 algorithm using separate keys after which it encodes collectively all the keys using the RSA-2048 algorithm, while the malware handles more than 5,000 different file-extensions.
Recorded Future also points out that the high transparency within the partnership of Fatboy and RaaS possibly is one way for fast acquiring potential buyers' trust.
Evidently, Fatboy's advertisement does not give the amount of cut from individual victims. Further, it boasts of ransoms being paid the very day of infection. However, there is some encouraging news too as Michael Gillespie, security researcher tweets on twitter.com that there might be one method for unlocking files which the latest Fatboy ransomware encrypts.
» SPAMfighter News - 5/9/2017
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!