Close Menu
  • Home
  • Identity
  • Inventions
  • Future
  • Science
  • Startups
  • Spanish
What's Hot

TwinH: A New Frontier in the Pursuit of Immortality?

How the Green Energy Transfer Will Increase Productivity in the UK

Nighteagle apt exploits Microsoft Exchange flaws to target China’s military and technical sectors

Facebook X (Twitter) Instagram
  • Home
  • About Us
  • Advertise with Us
  • Contact Us
  • DMCA
  • Privacy Policy
  • Terms & Conditions
  • User-Submitted Posts
Facebook X (Twitter) Instagram
Fyself News
  • Home
  • Identity
  • Inventions
  • Future
  • Science
  • Startups
  • Spanish
Fyself News
Home » Three victims, $5,000 admission fee, multi-OS, and double horror tactics
Identity

Three victims, $5,000 admission fee, multi-OS, and double horror tactics

userBy userMarch 24, 2025No Comments4 Mins Read
Share Facebook Twitter Pinterest Telegram LinkedIn Tumblr Email Copy Link
Follow Us
Google News Flipboard
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link

March 24, 2025Ravi LakshmananMalware/Ransomware

The Ransomware-as-a-Service (RAAS) operation, known as Vanhelsing, has already claimed three casualties since its launch on March 7, 2025.

“The RAAS model allows a wide range of participants, from experienced hackers to newcomers, to participate in a $5,000 deposit. Affiliates will maintain 80% of ransom payments and core operators will earn 20%,” Checkpoint said in a report published over the weekend. “

“The only rule is not to target independent states (CIS).

Like affiliate-backed ransomware programs, Vanhelsing claims to provide the ability to target a wide range of operating systems, including Windows, Linux, BSD, ARM, and ESXI. They also employ what is called the double fear tor model, which involves stealing data before encryption, threatening to leak information unless the victim is rewarded.

The RAAS operator also revealed that the scheme provides a control panel that works “seamlessly” on both desktop and mobile devices, and supports dark mode.

What’s noteworthy about Vanhelsing is that reputable affiliates can now participate for free, but new affiliates will have to pay a $5,000 deposit to access the program.

Cybersecurity

Once released, the C++-based ransomware removes shadow copies, enumerates local and network drives, takes steps to encrypt files with extensions, then changes the desktop wallpaper, and ransom notes are removed by the victim system, prompting you to pay for Bitcoin.

It also supports various command line arguments to direct different aspects of ransomware behavior, such as the encryption mode to use, where it needs to be encrypted, spread the locker to an SMB server, and skip ransomware extensions in “silent” mode.

According to Cyfirma, government, manufacturing and pharmaceutical companies in France and the US have been targeted for the operation of new ransomware.

“With user-friendly control panels and frequent updates, Vanhelsing is becoming a powerful tool for cybercrime,” Check Point said. Within just two weeks of launch, it has already caused serious damage, infecting multiple victims and demanding a large ransom.

The emergence of Vanhelsing coincides with many developments in the ransomware situation –

Discovering new versions of Albabat ransomware that go beyond Windows to Linux and Macos, collecting Black Rock ransomware, a rebranded version of El Dorado, and becoming one of the most active Raas groups in 2025. A page that deploys malware that can establish initial access to compromised systems JavaScript-based malware framework is used to provide Ransomhub Ransomware, known as Socgholish (also known as FakeUpdates). CVE-2025-24472) Starting late January 2025, a threat actor called MORA_001 will be delivering the newly discovered ransomware stock codename Super Black. lockbit, and babuk issue fake fear tor requests to victims

According to statistics compiled by Bitdefender, February 2025 was the worst month for ransomware in history, recording 962 casualties from 425 victims of 962 casualties.

Cybersecurity

Another notable trend is the rise in remote encryption attacks that can damage unmanaged endpoints by ransomware attackers, leveraging that access to encrypt data on managed domain binding machines.

Telemetry data shared by Sophos has been revealed to have skyrocketed in 2024 with a 50% increase in remote encryption compared to the previous year, with a 141% increase since 2022.

“Remote encryption has now become a standard part of the ransomware group trick bag,” said Chester Wysniewsky, director of Sophos and global field CISO. “Every organization has a blind spot, and ransomware criminals quickly take advantage of weaknesses once discovered.”

“Criminals are increasingly seeking these dark horns and using them as camouflage. Companies need to be pushy to ensure visibility across the property and actively monitor suspicious file activity.”

Did you find this article interesting? Follow us on Twitter and LinkedIn to read exclusive content you post.

Source link

Follow on Google News Follow on Flipboard
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Previous Article23AndMe Files for Bankruptcy, Founder and CEO Anne Wojcicki resigns
Next Article Bank of America says under-radar baby boomer energy play is up 40%
user
  • Website

Related Posts

TwinH: A New Frontier in the Pursuit of Immortality?

July 4, 2025

Nighteagle apt exploits Microsoft Exchange flaws to target China’s military and technical sectors

July 4, 2025

AI Agent may be leaking data – Watch this webinar and learn how to stop it

July 4, 2025
Add A Comment
Leave A Reply Cancel Reply

Latest Posts

TwinH: A New Frontier in the Pursuit of Immortality?

How the Green Energy Transfer Will Increase Productivity in the UK

Nighteagle apt exploits Microsoft Exchange flaws to target China’s military and technical sectors

Intestinal bacteria can cleanse the body of toxic PFAS chemicals

Trending Posts

Subscribe to News

Subscribe to our newsletter and never miss our latest news

Please enable JavaScript in your browser to complete this form.
Loading

Welcome to Fyself News, your go-to platform for the latest in tech, startups, inventions, sustainability, and fintech! We are a passionate team of enthusiasts committed to bringing you timely, insightful, and accurate information on the most pressing developments across these industries. Whether you’re an entrepreneur, investor, or just someone curious about the future of technology and innovation, Fyself News has something for you.

TwinH: A New Frontier in the Pursuit of Immortality?

Meta’s Secret Weapon: The Superintelligence Unit That Could Change Everything 

Unlocking the Power of Prediction: The Rise of Digital Twins in the IoT World

TwinH: Digital Human Twin Aims for Victory at Break the Gap 2025

Facebook X (Twitter) Instagram Pinterest YouTube
  • Home
  • About Us
  • Advertise with Us
  • Contact Us
  • DMCA
  • Privacy Policy
  • Terms & Conditions
  • User-Submitted Posts
© 2025 news.fyself. Designed by by fyself.

Type above and press Enter to search. Press Esc to cancel.