A new ransomware-as-a-service (RaaS) is said to have a unique method for setting the ransom amount based on the victim’s location.
The author claims a payment scheme is used to determine the ransom amount, based on The Economist’s Big Mac Index. This means that victims in areas with higher costs of living are being charged more to have their data decrypted.
The RaaS called Fatboy was first spotted on March 24 on a popular Russian cyber-criminal forum where a member was advertising it as a ‘partnership’, promising support and guidance through Jabber. Cyber criminals with an interest in the Fatboy RaaS would partner directly with the author and are promised instant payments once the victim pays the ransom.
The author claims the malware is written in C++ and works on all Windows versions (x86/x64). Cryptolocker development and support are also included in the partnership, including a multi-language interface with support for 12 languages available.
This trend of Ransomware-as-a-Service has become incredibly lucrative as more cybercriminals want to make a cut in the black-market. NNT’s CTO, Mark Kedgley, advises, “A two-pronged approach to defend against ransomware attacks- get layered defenses in place, but also back it up with real-time Host Intrusion Detection through File Integrity Monitoring, ensuring that if a cyber-attack proves successful, at the very least you get to know about it.”