Threat Database Ransomware RaaSberry Ransomware

RaaSberry Ransomware

By GoldSparrow in Ransomware

Threat Scorecard

Ranking: 17,008
Threat Level: 100 % (High)
Infected Computers: 68
First Seen: July 14, 2017
Last Seen: June 26, 2023
OS(es) Affected: Windows

The RaaSberry Ransomware is a ransomware project that was first observed on July 14, 2017. The RaaSberry Ransomware is a RaaS (Ransomware as a Service) platform that is used to allow con artists to carry out ransomware attacks easily and effectively, without having to develop the ransomware Trojan themselves. The RaaSberry Ransomware was announced on the Dark Web, and the con artists that want to take advantage of the RaaSberry Ransomware platform have various options on the types of products and attacks that they can purchase. The RaaSberry Ransomware represents a real threat to computer users, and steps should be taken to eradicate this and other threats immediately.

The RaaSberry Ransomware Trojan and Its RaaS Campaign

There are several packages priced differently, allowing con artists to carry out different levels of attacks. There are packages named Plastic, Bronze, Silver, Gold, and Platinum, each offering the con artists a different level of access and support. The cheapest version of the RaaSberry Ransomware can be purchased for $60 USD, while the most expensive costs $650 USD. The prices are listed using BitCoins, which is the preferred currency used for these illicit enterprises because it offers the con artists using it anonymously.

The people that purchase a RaaSberry Ransomware package receive technical support and resources for creating Command and Control servers, which are used by the RaaSberry Ransomware to communicate with its operators. The con artists providing the RaaSberry Ransomware do not handle distribution, and those purchasing the RaaSberry Ransomware may choose their preferred method, which could include spam email attachments, corrupted online links, directly hacking into computers or countless other ways of delivering threats to victims. However, the servers required to support the RaaSberry Ransomware attack and handle payment issues are handled by the RaaS providers.

How the RaaSberry Ransomware Attack Works

Like other ransomware Trojans, the RaaSberry Ransomware is designed to encrypt the victims' files, and then demand the payment of a ransom. The RaaSberry Ransomware will infect all computers running the Windows operating system, going as far back as Windows XP and operating system versions as recent as Windows 10. The RaaSberry Ransomware uses the AES and RSA encryptions to make the victim's files inaccessible, making it nearly impossible to recover the files encrypted by the RaaSberry Ransomware attack. After encrypting the victim's files, the RaaSberry Ransomware will display a ransom message, which alerts the computer user of the attack and demands the payment of a ransom. The RaaSberry Ransomware RaaS offers multi language support, offering customers the choice between the following languages for its ransom note: English, Mandarin, Hindi, Portuguese, Arabic, Spanish, Russian, Vietnamese, Japanese, Italian, German, French, Tamil, Korean and Punjabi.

In its attack, the RaaSberry Ransomware will encrypt files with certain file extensions. The following are examples of file types that may be targeted in these attacks, made inaccessible through the RaaSberry Ransomware's encryption algorithm:

.aif, .apk, .arj, .asp, .bat, .bin, .cab, .cda, .cer, .cfg, .cfm, .cpl, .css, .csv, .cur, .dat, .deb, .dmg, .dmp, .doc, .docx, .drv, .gif, .htm, .html, .icns, .iso, .jar, .jpeg, .jpg, .jsp, .log, .mid, .mp3, .mp4, .mpa, .odp, .ods, .odt, .ogg,.part, .pdf, .php, .pkg, .png, .ppt, .pptx, .psd, .rar, .rpm, .rss, .rtf, .sql, .svg, .tar.gz, .tex, .tif, .tiff, .toast, .txt, .vcd, .wav, .wks, .wma, .wpd, .wpl, .wps, .wsf, .xlr, .xls, .xlsx, .zip.

Protecting Your Data from Threats Like the RaaSberry Ransomware

The best protection against the RaaSberry Ransomware and other ransomware Trojans is to have backup copies of your files. Having backup copies means that con artists will not have the power to demand that you pay a ransom since you could simply restore the files from the backup copy. Apart from a backup system, a dedicated security program that is fully up to date should be used to protect your computer from the RaaSberry Ransomware and other ransomware threats.


Most Viewed