Ever since two prominent Russian-speaking cybercrime forums banned ransomware-related topics [1, 2], criminal operations have been forced to promote their service through alternative methods.
At least two ransomware gangs in need of hackers to run the attacks have been using their sites to advertise features of their encryption tools to attract new recruits.
Showing off to tempt affiliates
About a week ago, LockBit ransomware gang announced a new major version for their tool, claiming significant improvement for the encryption speed.
To support their claim, the threat actor apparently tested versions of multiple ransomware pieces and published their measurements for file encryption speed.
With launching LockBit 2.0, the ransomware developers also announced a new affiliate recruitment session, highlighting that the encryption they use has not faltered since the operation started in September 2019.
The only thing you have to do is to get access to the core server, while LockBit 2.0 will do all the rest. The launch is realized on all devices of the domain network in case of administrator rights on the domain controller, says the LockBit ransomware gang.