Contact Us

Newsletter Sign-Up

1 min read

Zeppelin Reunites...the Ransomware. Not the Band. Sorry.

May 24, 2021 3:23:47 PM

zeppelin-on-stage-1200x803

I apologize to all of you Led Zepplinists in the audience, but I couldn't help myself. A fairly recent form of ransomware, called Zeppelin (duh) has reared its ugly head once again.

The software retails for about $2,300 on the Dark Web and gives customers decide how they use the software. This is atypical in the Ransomware-as-a-Service (RaaS) industry. Typically a RaaS provider and their partners split the ransom.

The Zeppelin developers are also known for favoring their regular customers, offering unique and favorable terms to those who've repeatedly bought from them.

Zeppelin can ultimately be traced back to the Buran or VegaLocker family of ransomware. The family is programed in the Delphi language, making it more difficult to reverse-engineer.

In the past, bad actors had previously relied on malvertising campaigns to spread VegaLocker, but in this case, Zeppelin uses more traditional methods, like exploiting VPN vulnerabilities and phishing.

Helpful Articles:

Phishing

https://www.security7.net/guide/social-engineering/what-is-a-phishing-attack

https://www.security7.net/news/what-is-phishing

VPN 

https://www.security7.net/news/an-ode-to-vpns-why-traditional-solutions-stink-three-replacements

Like our blog? Subscribe using the CTA in the upper right-hand corner of this page. Feel like sharing your thoughts with us? Use the comment section below.

Carl Keyser

Written by Carl Keyser

Experienced Marketer & Graphic Designer. Professional skilled in Graphics, Branding & Identity, Typography, Adobe Creative Suite, Google Analytics, Google AdWords and HubSpot Inbound Marketing .

Featured