The source code of the .NET version of the Paradise ransomware was leaked on hacking forums over the weekend, Tom Malka, a senior threat intelligence analyst for security firm Security Joes, has told The Record today.
The code, which was shared on a Russian-speaking forum called XSS, represents the second major ransomware strain whose source code was leaked in recent years after the Dharma code leaked in early 2020.
Image: The Record
The authenticity of the leaked files was verified and confirmed by malware analysts Bart Blaze and MalwareHunterTeam, which previously analyzed several Paradise ransomware campaigns.
A short history of the Paradise ransomware
First spotted in September 2017, the Paradise ransomware was rented online to cybercrime gangs via a classic Ransomware-as-a-Service (RaaS) offering.
Threat actors would sign up for the Paradise RaaS, and they’d receive a specialized app, called a builder, which they’d use to build custom versions of the Paradise ransomware that they would later spread to victims via email spam and other methods.
While in recent years, we have gone accustomed to ransomware gangs going after high-profile companies, chasing large payments, the Paradise ransomware was primarily used to target home consumers and smaller companies.
Seeking small ransom payments, the Paradise RaaS was considered an entry point into the ransomware scene for criminal ga ..
Support the originator by clicking the read the rest link below.
