Unskilled cybercriminals can now gain access to file-encrypting malware without the need for upfront payment

It’s now easier than ever for criminals to launch damaging ransomware campaigns, after researchers discovered freely available malware lurking on the dark web.

The ransomware-as-a-service (RaaS) model is not new, though historically malicious actors have been required to pay for malware, or at least register their details to access it.

However, this new service removes the need for upfront payment, with the malware developers instead asking for a percentage of the ransom paid by each victim.

Discovered by the McAfee Advanced Threat Research team, the ransomware is hosted as a service on the dark web, which allows users to create and modify the malware.

This allows the buyer to customize the ransom amount demanded and add notes for the victim.

McAfee revealed that developers are offering it without payment upfront, instead demanding a 10% cut of any funds paid to the cybercriminals.

The service also does not require registration, which suits criminals looking to hide their tracks.

Other additions available include the ability to avoid detection and analysis.

The buyer can access the ready-to-infect malware easily without needing any specific coding knowledge – they just need to add details of their Bitcoin wallet.

Then, once the ransom is paid, a percentage is sent to the developer and the remaining funds are transferred to the buyer.

This technique benefits both the buyer and the developer, who will be paid for the ransomware without being responsible for spreading it.

The malware was first spotted in July 2017 with the extension .shifr but was recently seen online with the extension .cypher.

However, McAfee advised that this malware in particular is not advanced and could have been created as a demonstration version.

Cybercrime – what’s the cost?

News of the free ransomware service comes as McAfee revealed that cybercrime costs the US an estimated $600 billion a year.

New figures from Washington D.C. think tank Center for Strategic and International Studies (CSIS) and McAfee found that the cost of cybercrime and espionage is rising.

In 2014, it was estimated to cost the US $500 billion – a steep increase over just four years.

The figures also revealed that at least two billion people worldwide have had their personal information compromised or stolen.

In 2017, the FBI estimated that $2 billion was paid in ransom to hackers, and the report highlighted that ransomware is the fastest-growing type of cybercrime.

The report read: “The most disturbing thing we found is that whether a country takes significant efforts against cybercrime or whether it does almost nothing, cybercriminals will still be successful.”

It added: “A smart cybercriminal can make hundreds of thousands, even millions of dollars with almost no chance of arrest or jail.

“When you think of big cybercrimes, from Target to SWIFT to Equifax, none of the perpetrators have been prosecuted to date.

“Law enforcement agencies can be aggressive and skillful in pursuing cybercriminals, but many operate outside their reach. This is one reason why the cost of cybercrime continues to grow.”