Additional affiliates are being sought by the DragonForce and Anubis ransomware-as-a-service operations through the implementation of novel business models, reports The Record, a news site by cybersecurity site Recorded Future.
DragonForce, which emerged in August 2023, could expand its affiliate base with its recently introduced "cartel" model which provides malicious actors access to its infrastructure and operation management tooling while making its proprietary encryptor optional although shared infrastructure could also prove risky to its users, an analysis from Secureworks showed. On the other hand, Anubis, which was discovered in December, unveiled a trio of monetization schemes for affiliates dependent on the nature of intrusions, as well as intensified extortion tactics. Ongoing business model experimentation was regarded by Secureworks Counter Threat Unit Director of Threat Intelligence Rafe Pilling to be a logical move for RaaS operations following the dismantling of the LockBit ransomware group. "These two examples shine a light on some of how this is taking shape in the ecosystem. Understanding how these groups are operating, tooling, and monetizing is crucial in deploying the right defenses to secure people and businesses," added Pilling.
DragonForce, which emerged in August 2023, could expand its affiliate base with its recently introduced "cartel" model which provides malicious actors access to its infrastructure and operation management tooling while making its proprietary encryptor optional although shared infrastructure could also prove risky to its users, an analysis from Secureworks showed. On the other hand, Anubis, which was discovered in December, unveiled a trio of monetization schemes for affiliates dependent on the nature of intrusions, as well as intensified extortion tactics. Ongoing business model experimentation was regarded by Secureworks Counter Threat Unit Director of Threat Intelligence Rafe Pilling to be a logical move for RaaS operations following the dismantling of the LockBit ransomware group. "These two examples shine a light on some of how this is taking shape in the ecosystem. Understanding how these groups are operating, tooling, and monetizing is crucial in deploying the right defenses to secure people and businesses," added Pilling.
