Today, anyone can access the dark web and buy a data list with passwords, email addresses and even financial information on. They can then buy ransomware and send it out to their list of victims and hope something slips through.
It’s called Ransomware-as-a-Service and it can cost as little as £70.
You no longer need to have strong technical skills to distribute ransomware. All you need is access to the dark web. Known cyber criminals will package up everything you need into one handy kit and off you go. Someone else does all of the hard work and coding for you, so its low touch with minimal effort.
Some services even offer you the option to display the status of your attack in real-time. When an attack is successful, the funds are usually split between the attacker, the coder and the person who provided the service.
But how many people actually use this?
If you have access to the dark web, you will find loads of adverts following you around, trying to entice you to buy this type of service. As such, ransomware-as-a-service attacks on businesses in the UK have tripled in the last year.
You really can trust no one when it comes to cyber security anymore. So what types of ransomware-as-a-service are currently circulating?
As with most things in life, RaaS has a most popular list. So let’s have a look and find out more on what they do.
A type of RaaS, money is paid to the developers when malware is successful. With no current free decrypters available, it’s a nightmare when it hits a system. It sits silently in the background of your computer, without triggering any infection alerts. It can even stop your antivirus programs from working. Once successful, you normally find a message on your home screen confirming infection and payment details.
Like most ransomware it comes from malicious links in an email and websites with software vulnerabilities. It’s silent and you have no idea it’s in your system. It renders your files unusable and even though you might pay the ransom (which we strongly advise against), chances are you won’t get your data back.
One of the first, fully packaged RaaS offerings, Stampado is on sale on the dark web for a grand total of £30. The selling point? Every six hours, the criminal can delete files at random until the ransom is paid. The developer still updates it and offers lifetime support to buyers.
An upgrade to Stampado, this particular ransomware is delivered via spam emails with false overdue payment notices. It normally demands 0.3 Bitcoin for the decryption key. It’s owned by the same developers as Stampado and comes with the same lifetime support and guarantee.
It is slightly more expensive than its predecessor and comes in at about £300 for a full unlimited license. This includes: unlimited builds, unlimited campaigns, no monthly fees, no dependencies, constant updates and Bitcoin payment auto detect.
Firstly, you need a license to be able to use the ransomware builder, but kits are available at 0.14 Bitcoin. Once in the system, all files are encrypted. Like Stampado and Philadelphia, its creators offer online support and troubleshooting.
Spotted back in 2017, RaaSberry gives users the option to customise their attacks. Packages are pre-made, ready to distribute and paid for via Bitcoin.
There are different subscriptions that customers can choose from, including a one month command and control subscription to a three month subscription. It can cost as little as £46 but the main package costs £500.
With this you get:
– 100% of the ransomware
-Continued ransomware even if you stop the subscription
– Compatibility with Windows 10
This one won’t cost you a penny. You can download a ransomware sample, set your own price and payment conditions, it will collect the ransomware for you and it gives the victims a decryption tool if they pay out. If successful, you get 70% of the ransom, paid via bitcoin.
Call our team today for more information on how to protect your business!