Ransomware-as-a-service business up for grabs to highest bidder

Buy my racket or I DECRYPT my victims, says student scumbag

6 Reg comments Got Tips?

A self-aggrandising web skiddie is attempting to sell access to victims of the Tox ransomware.

The hacker claims to be a student and says he has been inundated with customers for a ransomware-as-a-service racket that offers to infect victims in return for a 70 percent cut of ransoms (paid as Bitcoin, natch).

The scam uses the Tox malware that McAfee threat research head Jim Walter revealed last week, noting its code is crude while raising the red flag.

The hacker, who uses the handle "Tox", whimpers on Tor that they will release the decryption keys if he fails to flog his ransomware racket to another criminal.

“If nobody's going to buy the database, in one month I'm releasing the keys and victims will have their files automatically unlocked,” they write on the site.

While Tox says he or she is bailing because they do not consider themselves criminals, it is common for members of the research community to find operational security flaws that reveal a hacker's true identity.

Tox, the person, says crims will commonly opt to distribute Tox, the ransomware, through spam campaigns in which the ransomware would be delivered as a Windows screensaver.

It is a novel if simplistic twist on the seemingly booming ransomware market which over time produces more advanced malware capable of foiling backups and fighting reverse engineering attempts. ®

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER


Biting the hand that feeds IT © 1998–2020