Ransomware
Also known as: Ransomware attack, Ransomware-as-a-service
Ransomware is malware that encrypts or steals a victim's data and demands payment for its return. Infostealer-harvested credentials are a primary way ransomware operators gain initial access, making stealers a key upstream enabler of ransomware attacks.
What is ransomware?
Ransomware encrypts files (and often exfiltrates them first for "double extortion") and demands a ransom. Many groups operate as ransomware-as-a-service, renting their malware to affiliates who carry out intrusions.
The infostealer connection
A large share of ransomware intrusions begin with valid credentials — frequently sourced from infostealer logs and sold by initial access brokers. Detecting and resetting those credentials early is one of the most effective ways to prevent ransomware.
VantaPrism helps cut off ransomware at its root by surfacing the compromised credentials that initial access brokers and ransomware affiliates rely on for entry.
Check Your Exposure arrow_forwardFrequently Asked Questions
How are infostealers linked to ransomware?
Related Terms
An initial access broker (IAB) is a cybercriminal who sells access to compromised networks and accounts to other atta…
Compromised credentials are usernames and passwords that have been exposed to unauthorized parties — frequently throu…
Infostealer malware is a category of malicious software designed to silently harvest sensitive data — passwords, sess…
A data breach is an incident in which sensitive data is accessed or disclosed without authorisation. Infostealer infe…