Introducing RansomHub, the next generation affiliate program for ransomware enthusiasts. Built upon a careful analysis of past affiliate programs, RansomHub offers a new approach to ensure the security of affiliates’ funds and operations. Unlike previous programs where affiliates faced risks of police seizures or fraudulent activities, RansomHub introduces a secure payment strategy. Affiliates can now send their wallets to the chat room and receive the decryptor only after confirming payment, ensuring the safety of their funds.
With a generous split of 90/10%, where 90% of the profits go to the affiliate, RansomHub prioritizes rewarding its partners. The program features a sophisticated Locker written in Golang and C++, utilizing advanced encryption algorithms such as x25519 and aes256 chacha20 xchacha20. This ensures high-speed encryption and supports various architectures including Windows, Linux, and ESXi. The Locker boasts capabilities like intranet propagation, Safe Mode encryption, and disconnected encryption, enhancing its versatility and effectiveness.
The RansomHub panel operates on separate onion domains, offering comprehensive management of targets and chat rooms. Affiliates can monitor target accesses, access logs, and utilize offline auto-reply features. Additionally, the panel facilitates the creation of private blog pages for negotiation and proofing purposes.
To join the program, affiliates require endorsements from existing members, evidence of cooperation with other RaaS groups, and forum IDs with a strong reputation. A deposit is also required, which is returned after the first successful payment. However, certain rules govern affiliate conduct, including restrictions on attacking specific regions like CIS, Cuba, North Korea, China, and Romania. Banning may occur for violations such as adding false targets, repeated attacks on paid targets, or failure to fulfill negotiated terms after payment.
Overall, RansomHub sets a new standard in ransomware affiliate programs, prioritizing security, efficiency, and transparency for its affiliates.
