SolidBit Ransomware Targets League of Legends Players

SolidBit Ransomware Targeting League PlayersResearchers at Trend Micro warn that a SolidBit ransomware variant is being distributed via fraudulent software targeting video game players and social media users. The malware is being packaged with a fake League of Legends account checker and an Instagram follower bot. These tools have been posted on GitHub to trick users into installing them.

“While it is not new for ransomware to disguise itself as a legitimate program or a tool as a social engineering lure, SolidBit’s new variant targets games and applications with a large user base,” the researchers write. “This allows SolidBit’s ransomware actors to cast a wide net of potential victims, and users who may not be well-versed in security hygiene, such as children or teenagers, could fall victim to fraudulent applications and tools, as was the case in previous Minecraft and Roblox malware infections.”

Trend Micro notes that the SolidBit gang is also using affiliates to distribute the ransomware.

“The malicious actors behind SolidBit aren’t just turning to malicious apps as a means of spreading the ransomware,” the researchers write. “A researcher found that the SolidBit ransomware group also posted a job advertisement on an underground forum on June 29 to recruit potential affiliates for their ransomware-as-a-service (RaaS) activities. These affiliates, who are tasked with penetrating a victim’s system and distributing SolidBit, stand to gain 80% of the ransomware payout as a commission.”

The researchers add that the SolidBit group will likely become an established player in the ransomware scene.

“The malware authors behind SolidBit ransomware appear to be gearing up to expand their operations through recruiting ransomware-as-a-service partners who will facilitate a wider scale of infection, on top of the distribution approach of their newly found variant,” Trend Micro says. “The large commission percentage that SolidBit’s authors offer is likely to attract other opportunistic threat actors, so we anticipate more activity from this ransomware group in the near future.”

New-school security awareness training can give your employees a healthy sense of suspicion so they can avoid falling for social engineering attacks.

Trend Micro has the story.

Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

RansIm-Monitor3Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the install and run it 
  • Results in a few minutes!

Get RanSim!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Topics: Ransomware

Subscribe To Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews