Researchers at Trend Micro warn that a SolidBit ransomware variant is being distributed via fraudulent software targeting video game players and social media users. The malware is being packaged with a fake League of Legends account checker and an Instagram follower bot. These tools have been posted on GitHub to trick users into installing them.
“While it is not new for ransomware to disguise itself as a legitimate program or a tool as a social engineering lure, SolidBit’s new variant targets games and applications with a large user base,” the researchers write. “This allows SolidBit’s ransomware actors to cast a wide net of potential victims, and users who may not be well-versed in security hygiene, such as children or teenagers, could fall victim to fraudulent applications and tools, as was the case in previous Minecraft and Roblox malware infections.”
Trend Micro notes that the SolidBit gang is also using affiliates to distribute the ransomware.
“The malicious actors behind SolidBit aren’t just turning to malicious apps as a means of spreading the ransomware,” the researchers write. “A researcher found that the SolidBit ransomware group also posted a job advertisement on an underground forum on June 29 to recruit potential affiliates for their ransomware-as-a-service (RaaS) activities. These affiliates, who are tasked with penetrating a victim’s system and distributing SolidBit, stand to gain 80% of the ransomware payout as a commission.”
The researchers add that the SolidBit group will likely become an established player in the ransomware scene.
“The malware authors behind SolidBit ransomware appear to be gearing up to expand their operations through recruiting ransomware-as-a-service partners who will facilitate a wider scale of infection, on top of the distribution approach of their newly found variant,” Trend Micro says. “The large commission percentage that SolidBit’s authors offer is likely to attract other opportunistic threat actors, so we anticipate more activity from this ransomware group in the near future.”
New-school security awareness training can give your employees a healthy sense of suspicion so they can avoid falling for social engineering attacks.
Trend Micro has the story.