A relative newcomer in the “malware-as-a-service” scene is starting to attract the big-money ransomware criminals.

Source: Buer Loader “malware-as-a-service” joins Emotet for ransomware delivery



Understanding malware as a service




MaaS Chaos. Is Malware-as-a-Service Growing?
In the legitimate business world, there’s something known as Software-as-a-Service, or SaaS. Here’s a definition: A software licensing-and-delivery model in which centrally located and controlled software is made available and licensed/rented on a subscription basis by users. SaaS clients are generally businesses.

Now, organized online crooks have moved into that space and business model too. It didn’t take long for that large-scale approach to not only hit the Internet, but to create a lucrative malware business for criminals who are selling viruses and more to anyone who wants it and is willing to pay for it. It’s “MBA-like” thinking for the purpose of making money by committing technologically based crimes.

Malware-as-a-Service is the latest term for the business of a network of sophisticated cyber-crooks providing illegal services, for a fee.



One of the reasons that cybercrime has grown so rapidly is that the criminals at the top of the “food chain” have built scalable business models for their crimes. This allows experienced hacking groups to collaborate, and new criminals to leverage the resources of veteran hackers. “Crime-as-a-service” is nothing new, but the tools change rapidly as crimeware developers work to exploit the latest vulnerabilities and stay ahead of security. The Emotet banking trojan has emerged as a leader in providing malware delivery services to other hacking groups, and you will want to make sure you understand and defend against this threat.

Emotet emerges as a leader in Malware-as-a-Service