Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

SolidBit Ransomware Targets League of Legends Players

Stu Sjouwerman | Aug 11, 2022

SolidBit Ransomware Targeting League PlayersResearchers at Trend Micro warn that a SolidBit ransomware variant is being distributed via fraudulent software targeting video game players and social media users. The malware is being packaged with a fake League of Legends account checker and an Instagram follower bot. These tools have been posted on GitHub to trick users into installing them.

“While it is not new for ransomware to disguise itself as a legitimate program or a tool as a social engineering lure, SolidBit’s new variant targets games and applications with a large user base,” the researchers write. “This allows SolidBit’s ransomware actors to cast a wide net of potential victims, and users who may not be well-versed in security hygiene, such as children or teenagers, could fall victim to fraudulent applications and tools, as was the case in previous Minecraft and Roblox malware infections.”

Trend Micro notes that the SolidBit gang is also using affiliates to distribute the ransomware.

“The malicious actors behind SolidBit aren’t just turning to malicious apps as a means of spreading the ransomware,” the researchers write. “A researcher found that the SolidBit ransomware group also posted a job advertisement on an underground forum on June 29 to recruit potential affiliates for their ransomware-as-a-service (RaaS) activities. These affiliates, who are tasked with penetrating a victim’s system and distributing SolidBit, stand to gain 80% of the ransomware payout as a commission.”

The researchers add that the SolidBit group will likely become an established player in the ransomware scene.

“The malware authors behind SolidBit ransomware appear to be gearing up to expand their operations through recruiting ransomware-as-a-service partners who will facilitate a wider scale of infection, on top of the distribution approach of their newly found variant,” Trend Micro says. “The large commission percentage that SolidBit’s authors offer is likely to attract other opportunistic threat actors, so we anticipate more activity from this ransomware group in the near future.”

New-school security awareness training can give your employees a healthy sense of suspicion so they can avoid falling for social engineering attacks.

Trend Micro has the story.

Topics: Ransomware

Test Your Network’s Defenses with our Free Ransomware Simulator

When employees bypass guidance and fall for social engineering, your network security is the last line of defense. Run our 100% harmless RanSim tool on Windows 10+ workstations to safely simulate 25 ransomware and cryptomining infection scenarios, pinpoint technical vulnerabilities, and get your results in minutes.

Launch Your Free Ransomware Simulation

Secure the Digital Workforce: Human + AI

KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.

Stu Sjouwerman

ABOUT STU SJOUWERMAN

Stu Sjouwerman (pronounced “shower-man”) is the Founder and Executive Chairman of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

Read more from Stu »

Subscribe the KnowBe4 Blog

Version_2F_225x600

Posts By Topic

View all topics >