Recently, the author of the ‘Redeemer’ ransomware has been seen promoting the latest version of the free-to-use C++ ransomware on hacker forums which provides amateur and unskilled threat actors with the opportunity to enter the market of ransomware. In the post by the author, the new version 2.0 works on Windows Vista, 7, 8, 10, and 11, and has many key features including multi-threaded performance and a new graphical user interface. It also has a medium antivirus detection rate which means it is not detected by all antiviruses.
The key difference between the Redeemer ransomware operation and Ransomware-as-a-Service (RaaS) operations is any individual can download and use the Redeemer ransomware to launch their own attacks. The only catch for users using the ransomware is when a victim decides to pay the ransom, the author receives 20% of the fees and shares the master key to be combined with the private build key held by the affiliate for decryption. The author also stated the ransomware would go open-source if they lose interest.