When you experience a breach, time is crucial. Our 24/7 Security Operations Center responds immediately with precision to eliminate the threat and restore operations.
ShadowSpear® is an unparalleled resource that defends your organizations against advanced cyber threats and attacks 24/7/365.
Your organization has cybersecurity weaknesses and vulnerabilities you don’t yet even know about. They need to be found and found immediately. If you don’t someone else will.
Under Attack? Breach Response Hotline: Call 833.997.7327 (US/CAN)
SaaS, PaaS, IaaS, well what about RaaS? RaaS stands for Ransomware-as-a-Serivce. Threat Actors can employ a RaaS provider to gain access to their ransomware infrastructure. Smaug Ransomware, one of the latest strains of ransomware, is taking advantage of the RaaS model.
Threat Actors can use Smaug’s infrastructure via a Dark Web Onion site to download a payload with a customized ransom message, ransom price, and payment deadline. Once they deploy the payload to their target, the statistics can be viewed through Smaug’s dashboard. Features include how many hosts were infected, if the victim has visited the page, and whether or not the ransom was paid.
If a ransom is paid, it is deposited into a Bitcoin wallet owned by Smaug. Smaug keeps 20% of the ransom as a service fee and the Threat Actor can withdraw the rest. This, along with a 0.2 Bitcoin registration fee, is the price to use Smaug’s services.
“Smaug is a RaaS that makes it easy for threat actors to use ransomware to achieve objectives. The Smaug ransomware can run on all the three major operating systems opens up the potential for broader targeting.” -Anomali Threat Research
The easy use of the Smaug ransomware is what makes it a large threat to companies. Making ransomware attacks easier to perform will put it in the arsenal of many less skilled Threat Actors who would otherwise not have the technical aptitude to build and manage ransomware. A disgruntled employee with no technical background could simply hire Smaug and download the payload to begin encrypting their company’s environment.
Ransomware is already very attractive to Threat Actors because the potential payout is huge, and with services like Smaug, SpearTip believes the trend is only going to grow. An EDR tool such as SpearTip’s proprietary tool, ShadowSpear®, will ensure any applications that attempt to inject into a system’s memory, including ransomware payloads, will be prevented.
Identify, neutralize, and counter cyberattacks - provide confidence in your security posture
24/7 Breach Response: US/CAN: 833.997.7327
Main Office: 800.236.6550
1714 Deer Tracks Trail, Suite 150
St. Louis, MO 63131
©2024 SpearTip, LLC. All rights reserved.