Gentlemen’s RaaS has been identified on underground hacking forums, showcasing sophisticated attack capabilities with tools designed for Windows, Linux, and ESXi systems. Operated by the threat actor known as zeta88, this platform highlights an evolved ransomware delivery model, with a generous 90% share of ransom proceeds going to affiliates. This business approach not only incentivizes potential partners but also democratizes access to enterprise-level encryption malware, leading to an intensified threat landscape. Its effective architecture allows for rapid deployment and operational control through centralized decryption technology.
The malware’s design includes specific lockers coded in Go and C, aimed at maximizing its efficacy across different platforms. Researchers have noted significant technical features, such as a self-propagation ability using WMI and PowerShell commands, which facilitates lateral movement within networks. Furthermore, it utilizes advanced encryption methods, including XChaCha20 combined with Curve25519, ensuring detailed security measures for its operations. Overall, the emergence of Gentlemen’s RaaS represents a concerning trend in the proliferation of ransomware-as-a-service ecosystems, warranting close scrutiny from cybersecurity professionals.
👉 Pročitaj original: Cyber Security News
