Threat Actors Leverage Leaked Ransomware Source Code To Offer DeathGrip RaaS
DeathGrip Ransomware As A Service (RaaS) started offering services in June of 2024 providing ransomware builder tools to its subscribers even those with less technical skills. DeathGrip is advertises on platforms like Telegram where criminals can easily access the tools needed to carry out these attacks. The developers behind DeathGrip have leveraged leaked source code from other ransomware variants including LockBit 3.0 and Yashma/Chaos ransomware families. Just like the variants they are sourced from once the ransomware is activated it locks the victims files and demands a payment to unlock them. RaaS offering such as DeathGrip are concerning as they allow anyone willing to pay the opportunity to target users and organizations without requiring the skills to develop their own ransomware.