Today, the Petya and Mischa Ransomware devs have made their Ransomware as a Service, or RaaS, open to the public. For the past few months, the Petya & Mischa RaaS has been been in testing with a limited amount of supposed high volume distributors. As of today, any would-be criminal can signup and become an official distributor. Unfortunately, this will most likely lead to a greater amount of distribution campaigns for this ransomware.

Petya RaaS Welcome Screen
Petya RaaS Welcome Screen

The amount of money a distributor can generate is dependent on their payment volume. For example, according to the above chart, if the payment volume is lower than 5 bitcoins the affiliate only earns 25% of the payments. On the other hand, as the payment volume increases, the revenue share goes up, with an affiliate earning 85% of the payments if their volume is greater than or equal to 125 bitcoins in a week.

Unlike other ransomware services, the Petya & Mischa RaaS requires potential affiliates to send in a small amount of bitcoins, which equates to ~$1.00 USD, in order to register. Though this is not a lot of money, the RaaS states it is being done to "discourage timewasters and kiddies". They further state that this money will be refunded in the affiliates first revenue share payment.

A new RaaS is definitely not a good thing as it will only encourage people to distribute the ransomware. For the most part, Petya & Mischa have been targeting German businesses, but with this launch we may see more widespread distribution.


Related Articles:

The Week in Ransomware - November 9th 2018 - Mostly Dharma Variants

SEO Poisoning Campaign Targeting U.S. Midterm Election Keywords

The Week in Ransomware - November 2nd 2018 - RaaS, DiskCryptor, & More

New Ransomware using DiskCryptor With Custom Ransom Message

CommonRansom Ransomware Demands RDP Access to Decrypt Files