Zeppelin Reunites…the Ransomware. Not the Band. Sorry.

May 24, 2021
Carl Keyser
May 24, 2021
Carl Keyser
Table of contents
    A large airship floats above the clouds in a clear sky.

    Zeppelin Reunites...the Ransomware. Not the Band. Sorry.

    I apologize to all of you Led Zepplinists in the audience, but I couldn’t help myself. A fairly recent form of ransomware, called Zeppelin (duh) has reared its ugly head once again.

    The software retails for about $2,300 on the Dark Web and gives customers decide how they use the software. This is atypical in the Ransomware-as-a-Service (RaaS) industry. Typically a RaaS provider and their partners split the ransom.

    The Zeppelin developers are also known for favoring their regular customers, offering unique and favorable terms to those who’ve repeatedly bought from them.

    Zeppelin can ultimately be traced back to the Buran or VegaLocker family of ransomware. The family is programed in the Delphi language, making it more difficult to reverse-engineer.

    In the past, bad actors had previously relied on malvertising campaigns to spread VegaLocker, but in this case, Zeppelin uses more traditional methods, like exploiting VPN vulnerabilities and phishing.

    Helpful Articles:

    Phishing

    https://www.security7.net/guide/social-engineering/what-is-a-phishing-attack

    what-is-phishing

    VPN 

    an-ode-to-vpns-why-traditional-solutions-stink-three-replacements

    Like our blog? Subscribe using the CTA in the upper right-hand corner of this page. Feel like sharing your thoughts with us? Use the comment section below.

    Avatar photo

    Carl Keyser

    As Inbound Marketing Manager at Integris, Carl Keyser brings expertise in digital marketing and SEO to create insightful blog content that educates and informs readers about technology trends and best practices.
    Share on LinkedIn