Ransomware-as-a-Service

RansomHouse upgrades encryption with multi-layered data processing

December 22, 2025December 22, 2025 geekfeed0Tagged Encryption, Encryption Keys, Encryptor, Mario, RaaS, RansomHouse, ransomware, Ransomware-as-a-Service

The RansomHouse ransomware-as-a-service (RaaS) has recently upgraded its encryptor, switching from a relatively simple single-phase linear technique to a more complex, multi-layered method. In practice, the upgrades offer stronger encryption results, faster speeds, and better reliability on modern target environments, giving threat actors stronger leverage during post-encryption negotiations. RansomHouse launched in December 2021 as a data extortion […]

2 mins read

CyberVolk’s ransomware debut stumbles on cryptography weakness

December 15, 2025December 15, 2025 geekfeed0Tagged Cryptography, Encryptor, Flaw, Hacktivism, RaaS, ransomware, Ransomware-as-a-Service

The pro-Russia hacktivist group CyberVolk launched a ransomware-as-a-service (RaaS) called VolkLocker that suffered from serious implementation flaws, allowing victims to potentially decrypt files for free. According to SentinelOne researchers who examined the new ransomware family, the encryptor uses a hardcoded master key in the binary, which is also written in plaintext in a hidden file on […]

3 mins read

Meet ShinySp1d3r: New Ransomware-as-a-Service created by ShinyHunters

November 22, 2025November 22, 2025 geekfeed0Tagged Encryptor, In-Development, ransomware, Ransomware-as-a-Service, Scattered Lapsus$ Hunters, Sh1nySp1d3r, ShinyHunters

An in-development build of the upcoming ShinySp1d3r ransomware-as-a-service platform has surfaced, offering a preview of the upcoming extortion operation. ShinySp1d3r is the name of an emerging RaaS created by threat actors associated with the ShinyHunters and Scattered Spider extortion groups. These threat actors have traditionally used other ransomware gangs’ encryptors in attacks, including ALPHV/BlackCat, Qilin, RansomHub, and DragonForce, but […]

6 mins read

Ransomware profits drop as victims stop paying hackers

October 29, 2025October 29, 2025 geekfeed0Tagged Double-Extortion, Extortion, Ransom, Ransom Payment, ransomware, Ransomware-as-a-Service

The number of victims paying ransomware threat actors has reached a new low, with just 23% of the breached companies giving in to attackers’ demands. With some exceptions, the decline in payment resolution rates continues the trend that Coveware has observed for the past six years. In the first quarter of 2024, the payment percentage was […]

2 mins read

Malware devs abuse Anthropic’s Claude AI to build ransomware

August 31, 2025August 31, 2025 geekfeed0Tagged Abuse, Anthropic, Artificial Intelligence, Claude, RaaS, Ransom, ransomware, Ransomware-as-a-Service

Anthropic’s Claude Code large language model has been abused by threat actors who used it in data extortion campaigns and to develop ransomware packages. The company says that its tool has also been used in fraudulent North Korean IT worker schemes and to distribute lures for Contagious Interview campaigns, in Chinese APT campaigns, and by […]

4 mins read

New VanHelsing ransomware targets Windows, ARM, ESXi systems

April 3, 2025April 3, 2025 geekfeed0Tagged RaaS, ransomware, Ransomware-as-a-Service, VanHelsing, VanHelsing ransomware

A new multi-platform ransomware-as-a-service (RaaS) operation named VanHelsing has emerged, targeting Windows, Linux, BSD, ARM, and ESXi systems. VanHelsing was first promoted on underground cybercrime platforms on March 7, offering experienced affiliates a free pass to join while mandating a deposit of $5,000 from less experienced threat actors. The new ransomware operation was first documented […]

3 mins read