  • echoudhury77

Ransomware will disappear like a miracle.


Back in 2018 we predicted the rise and expansion of ransomware. Unfortunately, we were right. The ransomware business quickly escalated into a service, so threat actors no longer had to host and maintain keys and C2 (command-and-control) servers to go after victims. Today the Dark Web has a veritable smorgasbord of options for striking and afflicting systems and infrastructure with very little effort. Almost no effort, actually.

When you look at the options on Dark Web sites, it's not very different from subscribing to Office365 or a web-hosting service. You get options and various packages to select from depending on how long you want to run a ransomware campaign or how complex you want to get. Monthly and annual plans are available. Armed with breached contact information of potential victims, the bad guys can gear up and launch in minutes and wait for the ransom payments to come in.

Skeptical of how simple it is?

Here's a sample of a Ransomware-as-a-Service (RaaS) subscription ANYONE can buy on Dark Web sites in minutes (pulled directly from a Dark Web site):

[PACKAGE #PREMIUM] - 12-MONTH C2 Dashboard (RaaS) - Price: 900 USD

C# FUD Ransomware (AES 256 Encryption with a 64 chars long uncrackable key)

C# Decrypter

Stub Size: 250kb (unique exe for each buyer)

Stub #: 2 x 100% private FUD stubs (the second one after 6 months)

Platform: Windows (both x86 and x64)

Duration: 12 Months access to Darknet C2 Dashboard (to receive the AES keys from Clients)

Fees: We take NO FEES from your Clients

Features: Delayed Start, Delayed Encryption, Mutex, Task Manager/Registry Editor Disabler, UAC Bypass, Desktop Wallpaper Changer

IP Tracking: Yes

Offline Encryption: Yes

Support: Yes

Real-Time Client Manager: Yes

Paid Add-On (Dropper): Execute your own exe (backdoor, implant, etc.) (FREE)

Paid Add-On (Clone): A fresh FUD RANION copy with the same setup information (+90 USD)

Paid Add-On (Crypter): Additional Crypter/Obfuscator + unique onion address (+90 USD)

Paid Add-On (Unkillable Process): Unkillable Process aka BSOD (+90 USD)

Free Add-On: optional file types to encrypt (for all encrypted file types see FAQ)

Free Add-On: optional Client's sub-banner in your language (already present en, ru, de, fr, es, it, nl, fas, za)

Sadly, going after the people who offer RaaS is a lot like playing Whack-a-Mole. Bring some down and more pop up in minutes elsewhere.

What can you do to protect and defend your computer and systems?
