Check out this sentence: “For the author, this business model enables them to scale their earnings from their software with less risk.”
I slightly modified the original, but we’re not talking about a franchise model for software or a cloud partnership program. Instead we’re talking about ransomware, which has become so ubiquitous that it’s sometimes discussed as if it was an MBA class discussion
Indeed, it now has multiple business models, and Ransomware as a Service (RaaS) is gaining in popularity.
There are several different revenue and business models for RaaS. As a SaaS model, RaaS is offered to potential users on a monthly subscription basis, or as a one-time fee. Another common way that RaaS operators work is with an affiliate model. With the affiliate RaaS model, the RaaS operator takes a predetermined percentage of every ransom payout by victims who pay a ransom.
Let’s rewind slightly. Ransomware is when someone breaks into your computer and encrypts it. Typically, when you log on you’re greeted with a banner that instructs you to send Bitcoin to an address to get the decryption key.
That’s from the victim side. But what about the ransomware entrepreneur? He or she may have written an innovative new ransomware package, but they face the challenge of how to monetize it and all the operational hassles of running the scanning network, etc.
For the agile criminal, why not outsource the labor to a best-of-breed provider and focus on the customer acquisition operations (i.e., hacking)? That’s RaaS. Here’s how it works.
- An author writes a ransomware package
- They then partner with a RaaS operator who pays them a percentage of profits (or a one-time licensing fee) and in turn handles the backend campaign, encryption key management, and payments
- The product then has an IRO
That’s for Initial Ransomeware Offering…okay, I made that up but that’s essentially how it works.
RaaS services use a number of different revenue models. Providers may charge a flat-rate monthly subscription, take a percentage of their customers’ profits, use a hybrid of these two models, or charge a one-time licensing fee. Once a RaaS customer creates an account and makes their first payment (usually in Bitcoin), they can select the type of malware they would like to use.
This industry has fueled a surge in Ransomeware packages, according to Fortinet, who reports that the number of different Ransomware variants they track has doubled in the last year, to over 10,000.
I guess you could say that as the go-to-market” strategy has become easier, inventors are able to focus on their value-add. There are millions of people who say sentences like this all day long, but they’re usually talking about phones, cars, or Shark Tank products, not ransomware.
Ransomware as a Service is an exciting new strategy. The total addressable market is massive!
Related Posts:
Five Times When Updating Your OS Would Have Saved You From Being Hacked
Cloudflare Rolls Out New Features to Shield Content Creators from AI Bots
Get Ready to Scan Your Passport If You Want to Buy a VM This Summer
Will CloudFlare Protect Your Shared Hosting Against a DDoS Attack? Nope!
New Master of Coin: Cloudflare Welcomes New President of Revenue to Boost Growth Acceleration
Unlock the Secret Formula to Lightning-Fast Websites: Say Goodbye to Loading Screens Forever!

Raindog308 is a longtime LowEndTalk community administrator, technical writer, and self-described techno polymath. With deep roots in the *nix world, he has a passion for systems both modern and vintage, ranging from Unix, Perl, Python, and Golang to shell scripting and mainframe-era operating systems like MVS. He’s equally comfortable with relational database systems, having spent years working with Oracle, PostgreSQL, and MySQL.
As an avid user of LowEndBox providers, Raindog runs an empire of LEBs, from tiny boxes for VPNs, to mid-sized instances for application hosting, and heavyweight servers for data storage and complex databases. He brings both technical rigor and real-world experience to every piece he writes.
Beyond the command line, Raindog is a lover of German Shepherds, high-quality knives, target shooting, theology, tabletop RPGs, and hiking in deep, quiet forests.
His goal with every article is to help users, from beginners to seasoned sysadmins, get more value, performance, and enjoyment out of their infrastructure.
You can find him daily in the forums at LowEndTalk under the handle @raindog308.
Leave a Reply