There was a day when malware and ransomware attacks were only done by people who had some sort of coding knowledge. In those days we would all assume any “attack” came at from the hands of a criminal mastermind group and that our business was immune. Well, those days are over and ended with a single word, Philadelphia.
No, not the city of brotherly love, Philadelphia is the name of a recent RAAS or Ransomware as a Service software offering. You may have heard of HAAS (Hardware as a Service), or SAAS (Software as a Service), but now RAAS has hit the scene and anyone with a computer can now purchase a ransomware attack.
Why is Philadelphia a big deal?
Philadelphia changed the game. The creator, Rainmaker Labs, operates in many ways, as a legitimate software company. Those who purchase Philadelphia, get updates to the software, training videos, FAQs and support from the company to make sure ransomware attacks are successful. This means that people without much technical knowledge can plan and deploy very complex attacks. They have simplified Ransomware to a relatively simple graphical user interface (GUI) that can be used by almost anyone with basic computer knowledge.
“In addition to the marketing, the product itself is advanced with numerous settings buyers can tailor to better target how they attack their victims, including options to “Track victims on a Google map” and “Give Mercy”. Tips on how to build a campaign, set up the command-and-control center and collect money are also explained. It’s all right there. -Sophos (Ref)
Rainmaker Labs has spent a lot of time creating a very user-friendly and marketing forward website touting “Anti-Security Solutions That Work”. It is just as usable and visually appealing as any other software manufacturer and they offer discounts on sites such as AlphaBay.
How would the creators of Philadelphia introduce themselves at a networking event?
Rainmaker Labs is very proud of their product, and as we talked about, is marketing it and trying to get the word out through mainstream channels. So it is no surprise that they are happy to tell you about who they are and what they do.
“We are the folks at The_Rainmaker Labs. Perhaps you got to know us through our previous product, Stampado, a simple and easy to use ransomware that got in the news (Softpedia, Forbes, WSJ and a lot more) for bringing advanced features for just $39. Yes, we like to play with security, as you might have guessed. With Stampado, we could be able to understand what ransomware buyers seek on new products. After 1 and half month of “experiment”, we bring Philadelphia, to supply to all needs.”
Philadelphia exemplifies the common marketing strategies and features that are making RaaS so popular. By combining the practices of the legitimate software industry, such as documentation, regular feature updates and friendly user interfaces, RaaS services have made it far more viable for those with intent but not technical skill to execute relatively high-quality attack campaigns. -James Lyne
What do you need to do?
Ransomware has been around for a while, but software like Philadelphia is a sure sign that we will see more attacks, and with the ease of use and accessibility, most likely the number or attacks will go up exponentially. It is time for you to take a close look at your business and make sure you have a rock solid plan to avoid and restore from ransomware. Some things you need to consider:
- Do you have regular backups and a plan to restore from those backups if you are attacked?
- Do you have a copy of your backups off-site? Many times a ransomware will lock up everything on the network, which means that an onsite backup will do you no good.
- Are your people trained? The vast majority of Ransomware and malware attacks are preventable through user education. (Copyfish may be going under thanks to one click from an employee, find out more here)
- Are your computers on a regular patch schedule. Often attackers take advantage of known “holes” in software that can easily be fixed with regular patching and updating of your software.
Ransomware is now a part of the computer and business world. Taking preventative steps to avoid a Ransomware attack will save you time, money, frustration and potentially even your business.