Equinix Breach: 7 Things To Know About Netwalker Ransomware Attacks
Despite only being active for six months, Netwalker has crippled schools, hospitals and governments and has already earned more than $25 million in ransom payments. Now that Equinix is the latest victim, here’s what the channel needs to know.
Netwalker Affiliates Must Be Skilled, Avoid Russian Targets
Netwalker revolutionized the way it conducted business in March 2020 with the shift to a network intrusion-focused, Ransomware-as-a-Service (RaaS) model. The new business model has allowed Netwalker to collaborate with other seasoned cybercriminals who already have access to large networks and have the ability to disseminate ransomware, according to Advanced Intelligence.
Netwalker expressed a preference for affiliates “who prioritize quality, not quantity,” which Advanced Intelligence said stands in stark contrast to other Russian-speaking ransomware actors, which often focus instead on mass production and brute force attacks. A month later, Netwalker clarified that its interest was only in experienced, Russian-speaking network intruders (English speakers not allowed).
Netwalker affiliates are prohibited from going after organizations located in Russia or other post-Soviet republics that are part of the Commonwealth of Independent States (CIS), Advanced Intelligence said. Affiliates must also guarantee that they will provide decryption to the victims upon receipt of a ransom payment, according to Advanced Intelligence.