Will attracting affiliates help fulfill the ambitions of cybercriminals?
In the world of cybersecurity, a new significant threat is gaining momentum — the ransomware group "Play", which allegedly appeared last year, actively uses the RaaS model to attract as many affiliates as possible.
As Adlumin reports in a recent report, this group provides its tools to other cybercriminals, and prices range from $ 200 for basic setup assistance to more than $ 1,000 for fully ready-to-use hacking tool kits.
The situation is compounded by the fact that "Play" is becoming more accessible to a wide range of criminals, including both experienced hackers and less qualified users, which can lead to an increase in the number of attacks.
Adlumin experts emphasize that they have recently observed an increase in the use of the PlayCrypt malware against small and medium-sized businesses. However, despite its effectiveness, this set of tools is not a universal solution for cybercriminals, since experienced cybersecurity specialists can still detect and prevent "Play" attacks.
Adlumin experts urge you to pay attention to signs of compromise, such as malicious IP addresses, domains, emails, and hashes.
Initially, the Play group was seen attacking government agencies in South America, and then expanded its activities to target the United States and Europe. This indicates the mercantile nature of the group, but does not exclude possible geopolitical ambitions.
A special feature of "Play" is the tactic of double extortion, when a separate fee is charged for unlocking encrypted data and not disclosing it to the public.
According to Adlumin, the increased standardization of "Play" attacks in recent months indicates the sale of a set of tools to other cybercrime groups that follow the instructions provided.
It is not difficult to purchase "Play" kits: just use the Tor browser and know the appropriate dark networks or markets. Adlumin also notes that the group also offers a variant of its tool for macOS operating systems, which were previously considered less vulnerable to cyber attacks.
However, with the proliferation of tools such as PlayCrypt, the opposite effect can also occur — unskilled criminals can make mistakes that will serve as "breadcrumbs" for the authorities, which will allow them to quickly identify hackers.
In the world of cybersecurity, a new significant threat is gaining momentum — the ransomware group "Play", which allegedly appeared last year, actively uses the RaaS model to attract as many affiliates as possible.
As Adlumin reports in a recent report, this group provides its tools to other cybercriminals, and prices range from $ 200 for basic setup assistance to more than $ 1,000 for fully ready-to-use hacking tool kits.
The situation is compounded by the fact that "Play" is becoming more accessible to a wide range of criminals, including both experienced hackers and less qualified users, which can lead to an increase in the number of attacks.
Adlumin experts emphasize that they have recently observed an increase in the use of the PlayCrypt malware against small and medium-sized businesses. However, despite its effectiveness, this set of tools is not a universal solution for cybercriminals, since experienced cybersecurity specialists can still detect and prevent "Play" attacks.
Adlumin experts urge you to pay attention to signs of compromise, such as malicious IP addresses, domains, emails, and hashes.
Initially, the Play group was seen attacking government agencies in South America, and then expanded its activities to target the United States and Europe. This indicates the mercantile nature of the group, but does not exclude possible geopolitical ambitions.
A special feature of "Play" is the tactic of double extortion, when a separate fee is charged for unlocking encrypted data and not disclosing it to the public.
According to Adlumin, the increased standardization of "Play" attacks in recent months indicates the sale of a set of tools to other cybercrime groups that follow the instructions provided.
It is not difficult to purchase "Play" kits: just use the Tor browser and know the appropriate dark networks or markets. Adlumin also notes that the group also offers a variant of its tool for macOS operating systems, which were previously considered less vulnerable to cyber attacks.
However, with the proliferation of tools such as PlayCrypt, the opposite effect can also occur — unskilled criminals can make mistakes that will serve as "breadcrumbs" for the authorities, which will allow them to quickly identify hackers.
