216.73.217.172

VanHelsing: New RaaS in Town

· Published 23/03/2025 15:40 · Modified 24/03/2025 13:48

Export JSON

Essential information

Published
23/03/2025 15:40
Modified
24/03/2025 13:48
Tags
2025-03-23 affiliate program cybercrime encryption evasion techniques multi-platform ransomware-as-a-service vanhelsing
Related entities
1 intrusion sets (apt), 18 techniques (mitre), 1 malware

Description

RaaS, a new program launched on March 7, 2025, has quickly gained traction in the world. With a low $5,000 deposit for affiliates, it offers an 80% cut of ransom payments. The service provides a user-friendly control panel and targets multiple platforms, including Windows, Linux, BSD, ARM, and ESXi systems. Within two weeks of its launch, infected three victims, demanding large ransoms. The ransomware, written in C++, is actively evolving, with two variants discovered just five days apart. It employs various techniques to evade detection, including a 'Silent' mode and selective of files. The rapid growth and sophistication of VanHelsin gRaaS highlight the increasing threat of ransomware attacks.

External references