Summary: A new multi-platform ransomware-as-a-service operation called VanHelsing has emerged, targeting various operating systems, including Windows and Linux. It allows affiliates to keep 80% of ransom payments and employs sophisticated encryption methods and stealth tactics in its operations. The ransomware has already been used in attacks against at least three victims, with ransoms set at 0,000.
Affected: Various organizations, including technology companies and a city in Texas
Keypoints :
- VanHelsing is a Russian cybercrime project forbidding attacks on CIS countries.
- It offers high-level automation for affiliates with direct support from developers.
- Utilizes advanced encryption techniques and stealth modes to evade detection.
- Current known victims include two U.S. tech companies and one city in Texas.
- Ransom demand is set at 0,000, with threats to leak stolen data if unmet.