LowEndBox - Cheap VPS, Hosting and Dedicated Server Deals

This Week's Initial Ransomware Offering (IRO) Calendar

RansomwareCheck out this sentence: “For the author, this business model enables them to scale their earnings from their software with less risk.”

I slightly modified the original, but we’re not talking about a franchise model for software or a cloud partnership program.  Instead we’re talking about ransomware, which has become so ubiquitous that it’s sometimes discussed as if it was an MBA class discussion

Indeed, it now has multiple business models, and Ransomware as a Service (RaaS) is gaining in popularity.

There are several different revenue and business models for RaaS. As a SaaS model, RaaS is offered to potential users on a monthly subscription basis, or as a one-time fee. Another common way that RaaS operators work is with an affiliate model. With the affiliate RaaS model, the RaaS operator takes a predetermined percentage of every ransom payout by victims who pay a ransom.

Let’s rewind slightly.  Ransomware is when someone breaks into your computer and encrypts it.  Typically, when you log on you’re greeted with a banner that instructs you to send Bitcoin to an address to get the decryption key.

That’s from the victim side.  But what about the ransomware entrepreneur?  He or she may have written an innovative new ransomware package, but they face the challenge of how to monetize it and all the operational hassles of running the scanning network, etc.

For the agile criminal, why not outsource the labor to a best-of-breed provider and focus on the customer acquisition operations (i.e., hacking)?   That’s RaaS.  Here’s how it works.

  1. An author writes a ransomware package
  2. They then partner with a RaaS operator who pays them a percentage of profits (or a one-time licensing fee) and in turn handles the backend campaign, encryption key management, and payments
  3. The product then has an IRO

That’s for Initial Ransomeware Offering…okay, I made that up but that’s essentially how it works.

According to Cloudflare:

RaaS services use a number of different revenue models. Providers may charge a flat-rate monthly subscription, take a percentage of their customers’ profits, use a hybrid of these two models, or charge a one-time licensing fee. Once a RaaS customer creates an account and makes their first payment (usually in Bitcoin), they can select the type of malware they would like to use.

This industry has fueled a surge in Ransomeware packages, according to Fortinet, who reports that the number of different Ransomware variants they track has doubled in the last year, to over 10,000.

I guess you could say that as the go-to-market” strategy has become easier, inventors are able to focus on their value-add.  There are millions of people who say sentences like this all day long, but they’re usually talking about phones, cars, or Shark Tank products, not ransomware.

Ransomware as a Service is an exciting new strategy.  The total addressable market is massive!

No Comments

    Leave a Reply

    Some notes on commenting on LowEndBox:

    • Do not use LowEndBox for support issues. Go to your hosting provider and issue a ticket there. Coming here saying "my VPS is down, what do I do?!" will only have your comments removed.
    • Akismet is used for spam detection. Some comments may be held temporarily for manual approval.
    • Use <pre>...</pre> to quote the output from your terminal/console, or consider using a pastebin service.

    Your email address will not be published.