Ransomware operation provides malicious software in exchange for a slice of successful scores.
The service offers step-by-step instructions on building ransomware.
A new dark web scheme could allow any wannabe cybercriminal to grab a piece of the ransomware pie for free — on the condition that any ill-gotten profits are split 50/50.
Ransomware — a form of malware which encrypts a victim’s files and demands a ransom to restore them — has boomed in the last 18 months. A number of ransomware-as-a-service affiliate schemes allow even the most technically illiterate cyber thief to cash in on a form of crime which cost businesses over a billion dollars last year.
But while these schemes are sold to users for a fee — be it a one-off payment, or as part of a subscription based service — this new ransomware operation is providing malicious software to affiliates for free in exchange for a big slice of any successful scores.
The move represents another evolution in ransomware which could make it an even more dangerous threat, because criminals may be tempted to download it and launch a ransomware campaign as they don’t need to part with their cash to do so.
“The simplistic and straight-forward design of Dot ransomware enables just about anyone to conduct cybercrime,” warn Fortinet researchers, who predict Dot will soon become a big threat to businsesses.
“Although we haven’t seen this ransomware in the wild, with the advertisements being made accessible on hacking forums, it’s only a matter of time until people start taking the bait.”
This particular scheme appeared during mid-February and offers users Dot ransomware. All the user needs to get started is to access to the download via the Tor browser and to register a Bitcoin address — Bitcoin being the number one method of extorting ransoms.
Once this is done, the authors of Dot provide a guide to getting started, including recommendations of which file types to use to distribute ransomware, as well as recommendations for what ransoms to charge in which countries in order to maximize returns.
The authors even go so far as to provide a dashboard for users to keep track of the number and status of infections. The core of the malicious software service appears to be designed to look as if it’s like any other form of legitimate set of software tools.