Now that Bitcoin ransomware is becoming even more of a global threat; some researchers took it upon themselves to delve deeper into the world of underground marketplaces on the darknet and internet criminality. As it turns out, buying ransomware source code is not all that expensive, as some people are selling it for as little as US$100. For that price, buyers will get the toolkit they need to potentially infect millions of computers around the world, although some minor tweaks will need to be made.
Bitcoin Ransomware is Dirt Cheap on the Darknet
Italian newspaper La Stampa has posted an interesting article on how easy it is to obtain the Bitcoin ransomware source code on underground forums. Do not expect to find this software by conducting a Google search, as internet criminals use the darknet to conduct business. Accessing these marketplaces full of illegal information, services, and goods requires users to install the Tor browser.
Although there has been a lot of backlash against the usage of anonymity software to access part of the Internet that is not crawled by search engines, more and more people are flocking to the darknet. Part of this increase in popularity is because there is something appealing about accessing what is forbidden by law, and knowing that one’s identity is fully protected, most users are not too worried when accessing underground marketplaces.
One of the more popular trends in the world of Internet criminality is Bitcoin ransomware. These pieces of malicious software can infect Windows computers all over the world, and spreading them can be done in a variety of ways. Whether it occurs through infected email attachments, or advertising networks, this type of malware is becoming far too common these days.
The article mentions how the author managed to gain access to one of the Russian underground forums on the darknet, where an offer was made to purchase ransomware in exchange for a US$100 payment in Bitcoin. In return for this payment, the buyer was provided with all of the distribution tools, as well as other software to access computers remotely. However, the ransomware seller will keep 15% of all incoming Bitcoin ransom payments, and the person claimed this seller is servicing between three and four hundred customers right now.
To make matters even more worrying, there are other ways to make money with Bitcoin ransomware as well, by offering more customization. Some websites let users enter their Bitcoin address, how much ransom they want to charge, and the period users have to make the payment. Once everything is configured, the user can then download the complete package in exchange for a small price. Although this solution is not too refined, it does the job well.
There is no denying Bitcoin ransomware is becoming so popular security researchers are struggling to come up with solutions. It is far too easy to obtain this malware through underground marketplaces, and law enforcement agencies need to focus their attention on shutting these platforms down, rather than blaming Bitcoin for all of the misery caused by ransomware.
Source; La Stampa