Join Our Community!Join Our WhiteHat Group On facebook & Stay Updated.

Ransomware: Now Available With Slick Marketing

Ransomware vendors are advertising their wares with ever-greater polish and skill.

The developer of an easy-to-use form of customizable ransomware has massively expanded their activities, expanding their arsenal of cybercriminal tools and making it even easier for would-be cyber crooks to set up operations.

A custom version of Philadelphia ransomware designed to extort money from individuals by demanding lower ransoms | Hacker Nucleus
A custom version of Philadelphia ransomware designed to extort money from individuals by demanding lower ransoms. Image: Proofpoint (ZDnet)

First spotted in September last year, Philadelphia ransomware is simple to deploy and at $400, is a relatively low-cost investment for entry-level cyber criminals, who also get support and updates as part of a ‘ransomware-as-a-service’ package which provides them with the opportunity to become part of a billion-dollar industry.

 

Now its creator, who goes by the name of ‘The Rainmaker’ on underground forums, is pushing a ‘Full Lifetime License’ for Philadelphia ransomware, complete with promotional videos and screenshots, spamming the Jabber messaging platform with adverts for the malicious software.

 

Sergey Shykevich, head of cyber research at security company Clearsky, said The Rainmaker represents a specific type of actor in the cybercrime ecosystem: those who prefer to sell products, mostly at a relatively low technological level and at low prices, but to a wide audience. “This actor represents a trend of some new cyber criminals, that try to sell their products and services also to a non-traditional audience, outside of Deepweb forums and markets,” he said.

 

In addition to the basic-looking Jabber spam campaign, the cybercriminal vendor — spotted by researchers at ClearSky Security — has set up a professional-looking website for advertising ‘anti-security solutions’ and ‘award-winning support’. In addition to Philadelphia, the website also promotes Stampado, a particularly cheap and nasty form of ransomware which uses worm-like capabilities to move across networks and external drives.

 

Not only are two different types of ransomware available on the site, but various forms of other malicious tools are also advertised. They include DDoS attack tools, a remote access Trojan, a credential stealer, and tools which allow users to spam emails. While Philadelphia is far from becoming one of the most common forms of ransomware, the move reflects how slick the marketing of such scams has become.

 

Because it is proving easy to make a profit from, ransomware has become one of the biggest menaces on the web. Hacker Nucleus will you guide everything you need to know about it: how it started, why it’s booming, how to protect against it, and what to do if your PC suffers an attack. Please follow our social page and connected with us πŸ™‚

 

Comments

comments

Leave a Reply