Ransomware gangs innovate with new affiliate models

The ransomware-as-a-service model is perpetually troubling for dropping the barrier to entry for aspiring ransomware actors, and two threat actors are innovating in the space with additional affiliate models.

Extended detection and response vendor Secureworks (owned by Sophos) published research detailing expanded affiliate models belonging to ransomware-as-a-service (RaaS) gangs DragonForce and Anubis.

As a model, ransomware-as-a-service (RaaS) has gained significant popularity in recent years. A threat actor typically sells or leases many of the tools a less experienced cybercriminal (or affiliate) would need to conduct a ransomware attack; the affiliate typically shares the proceeds from subsequent attacks with the operator.

Read more at Dark Reading