A new multi-platform ransomware-as-a-service (RaaS) operation named VanHelsing has emerged, targeting Windows, Linux, BSD, ARM, and ESXi systems.

VanHelsing was first promoted on underground cybercrime platforms on March 7, offering experienced affiliates a free pass to join while mandating a deposit of $5,000 from less experienced threat actors.

The new ransomware operation was first documented by CYFIRMA late last week, while Check Point Research performed a more in-depth analysis published yesterday.