‘Fatboy’ Ransomware Extorts Money Based on Victims’ Countries

Cybersecurity researchers have discovered a new variant of ransomware that automatically adjusts its ransom demand from victims based on their location. Targets in wealthier countries will be forced to pay higher rates.

The ransomware malware, dubbed ‘Fatboy’, was discovered by security researchers at Recorded Future. Fatboy first emerged in March on a Russian cybercriminal forum. The malware is also being advertised on an underground hacking forum frequented by Russian-speaking cybercriminals.

Promoted as a Ransomware-as-a-Service (RaaS) by a cybercriminal called ‘polnowz’, the ransomware was made available on March 24. The offering was a comprehensive product that offered support and guidance with a dashboard that allowed buyers to track its infection statistics.

A day later, the first samples of the malware were discovered by researchers.