"SolidBit Ransomware Group Recruiting New Affiliates on Dark Web"

Security researchers at CloudSEK have discovered that a threat actor group named SolidBit is actively advertising RaaS (Ransom-as-a-Service) and looking to recruit new affiliates on dark web forums.  The researchers stated that the group is actively looking for partners to gain access to companies’ private networks in order to spread the ransomware called SolidBit.  In particular, according to a SolidBit post viewed by the researchers on an unnamed underground forum, 20% of the earned profit from the distribution of the ransomware will be paid to the affiliate for infecting private servers.  The researchers suggest that SolidBit may be a copycat of the LockBit ransomware.  The researchers stated that the malware is executed after downloading some malicious applications.  Upon extracting the repository and executing the application, all the files are encrypted with a .solibit extension, and the SolidBit ransomware pop-up appears, containing the ransom note.  The researchers recommended that to mitigate the impact of the malware, companies should enable tools and applications that prevent malicious programs from being executed, as well as updating and patching infrastructure fulcra such as servers and computer systems.

Infosecurity reports: "SolidBit Ransomware Group Recruiting New Affiliates on Dark Web"