Ransomware for Sale

Ransomware is a far greater threat to your systems than ever before because of a disturbing new trend. Outlaw ransomware designers are now peddling their “services” to any criminal willing to disseminate their products online.

A page promising to let anybody use the Satan ransomware; in exchange for a cut of the take, was discovered on the Dark Web, ZDNet reported. Security researcher Xylitol stumbled upon the page which – offers visitors a chance to create malware.

Visitors get also get the opportunity to set a ransom and a multiplier. They can then deploy Satan to the computer of their choice or use it in a phishing scam.

Satan for Sale

The Satan ransomware encrypts files to keep users from accessing them. It then demands that the victim pay a ransom in bitcoin in order to get access to his or her own files. Satan is part of the Gen:Trojan.Heur2.FU family of viruses.

It uses the RSA-2048 and AES-256 encryption algorithms to block access to all the files on a computer or in a system. Once the files are encrypted all the victim sees is a window that explains how to pay the ransom. The only action the victim can perform with the computer is to pay the ransom.

How anybody can become a Ransomware Pirate

The page discovered by Xylitol offers Satan to anybody who promises to give the developers 30% of the ransom. The developers hope is that the crooks distribute Satan as part of a phishing scam. Satan normally demands a payment of $500 to $1,500 in bitcoin to free the infected computer.

Disturbingly some extortionists have collected; or tried to collect, a lot more. Ransomware pirates tried to extort $28,000 out of the Los Angeles Community College District on December 30, 2016. The District did not pay but the Hollywood Presbyterian Medical Center; the hospital in Los Angeles ended up paying ransomware bandits $17,000 to free its systems, on February 5, 2016.

In both cases the organizations found themselves shut out from their own files by ransomware. The malware used by the extortionists was not identified but it sounds like Satan.

Ransomware as a Service or do-it yourself cyber extortion

Disturbingly such do-it-yourself cyber extortion solutions are now so common that they even have a name. The term for them is Ransomware as a Service or RaaS.

Satan is apparently the most sophisticated of these tools available. It contains such features as fee payment records, transaction tracking and an opportunity to buy future versions of Satan. The malware can even be translated into different languages for the benefit of criminals around the world. According to ZDnet Windows-operated devices are Satan’s primary target.

What is even more frightening is that there at least one other RaaS out there. Extortionists deploying the Cerber ransomware were thought to be raking in $195,000 a month in July 2016, ZDnet reported in August. Unlike Satan, Cerber’s creators demand a cut of 40% of the ransom.

Security researchers identified 150 Cerber phishing campaigns targeting Windows users in 201 countries in August. Experts at Check Point think as many 150,000 users had been victimized by Cerber as of August 2016.

The internet is a far more dangerous place than ever before because of RaaS. Everybody needs to be afraid of ransomware because it is only a matter of time before this scourge targets you.

Leave a Reply

%d bloggers like this: