New VanHelsing ransomware targets Windows, ARM, ESXi systems

A new multi-platform ransomware-as-a-service (RaaS) operation named VanHelsing has emerged, targeting Windows, Linux, BSD, ARM, and ESXi systems. VanHelsing was first promoted on underground cybercrime platforms on March 7, offering experienced affiliates a free pass to join while mandating a deposit of $5,000 from less experienced threat actors. The new ransomware operation was first documented by CYFIRMA late last week, while Check Point Research performed a more in-depth analysis published yesterday. Inside VanHelsing Check Point’s analysts report that VanHelsing is a Russian cybercrime project that forbids targeting systems in systems in CIS (Commonwealth of Independent States) countries. Affiliates are allowed to keep 80% of the ransom payments while the operators take a 20% cut. The payments are handled via an automated escrow system that employs two blockchain confirmations for security. VanHelsing advertisment inviting affiliates to join Source: Check Point Accepted aff ... Read full article.