DeathGrip RaaS | Small-Time Threat Actors Aim High With LockBit & Yashma Builders

Aug. 9, 2024, 11:39 a.m.

Description

This analysis examines the emergence of DeathGrip, a Ransomware-as-a-Service (RaaS) operation that provides threat actors with easy access to sophisticated ransomware builders like LockBit 3.0 and Yashma/Chaos. The accessibility of these tools enables even those with minimal technical skills to launch fully-developed ransomware attacks, posing a significant threat as the barrier to entry for extortion-focused cybercriminals continues to diminish. The proliferation of these tools contributes to the ongoing commoditization of ransomware across various capability levels.

External References

https://www.sentinelone.com/blog/deathgrip-raas-small-time-threat-actors-aim-high-with-lockbit-yashma-builders
https://otx.alienvault.com/pulse/66b5fb2eaf6e18aed9da4c04
Tags
ransomware
lockbit
2024-08-09
yashma
chaos

Date

  • Created: Aug. 9, 2024, 11:19 a.m.
  • Published: Aug. 9, 2024, 11:19 a.m.
  • Modified: Aug. 9, 2024, 11:39 a.m.

Indicators

  • 274844568a6a9ce334d71efeac21f528d7b54b2cd4377c978cc1270c6ad986c4
Download all indicators here!

Attack Patterns

  • Chaos - S0220
  • Yashma
  • LockBit
  • DeathGrip
  • T1135
  • T1490
  • T1489
  • T1486
  • T1564
  • T1105
  • T1134
  • T1059