Web scum are offering another ransomware as a service model under which ill-gotten gains are split between VXers and buyers.
No technical information is offered regarding the capabilities of the ransomware -- which is claimed to be some version of the well known CryptoLocker -- and should serve as a warning for all would-be criminals thinking of signing up.
Most ransomware fail because of encryption implementation flaws that white hats can exploit to retrieve decryption keys for free.
Punters will need to buy in for the paltry price of US$50. The VXers claim they will keep 10 percent of the total ransom paid.
FAKBEN Team offers a unique and professional service that is based on the rental of our CryptoLocker ransomware which can be downloaded through the executable file, that is built with your custom settings, and then sent to a specific victim to ask for ransom money….
When the person pays for files decryption (sic) is important to be loyal and give him/her the key for the decryption. When money is payed (sic) we will take 10 percent for the service and then the other amount will be sent to the address you specified before.
Custom ransoms can be set to a limit of $1,000,000 before database errors are thrown. A basic GUI will show the number of infected machines and ransoms paid.
The group says the ransomware will launch in coming days.
Writing ransomware is a complex business and many would-be VXers have quickly failed. This example is reminiscent of the Tox ransomware-as-a-service which fell to ruin shortly after it surfaced.
More recently Kaspersky boffins declared the Coinvault and Bitcryptor ransomware "dead" with alleged authors arrested and all 14,000 decryption keys released. ®