At $175, this ransomware service is a boon to cybercriminals

A Russian-speaking user has been advertising the ransomware-as-a-service, according to Recorded Future

Cybercriminals have another easy-to-use ransomware kit to add to their arsenals, thanks to a new variant called Karmen that hackers can buy on the black market for US$175 (about $230).

A Russian-speaking user called DevBitox has been advertising the ransomware in underground forums, security firm Recorded Future said in a blog post on Tuesday.

Karmen is what experts call ransomware-as-a-service -- a particularly worrisome trend. Amateur hackers with little technical know-how can buy access to them, and in return, they’ll receive a whole suite of web-based tools to develop their own ransomware attacks.

In Karmen's case, it offers an easy-to-use dashboard interface. Buyers can modify the ransomware, view what machines they've infected, and see how much they’ve earned.

To spread ransomware, hackers will often rely on spam emails with an attachment or a link to a website that contains malicious coding. Once it infects a computer, the ransomware will then encrypt the files hosted inside. To release the files, victims will have to pay up, usually in bitcoin.

DevBitox, one of the developers behind Karmen, has posted messages in various forums saying that Russian and English language versions of the ransomware-as-a-service are available.

karmen ransomware variant 5 Recorded Future

The dashboard to the Karmen ransomware-as-a-service.

So far, the hacker has sold 20 copies of Karmen, according to Recorded Future, which noted that the first infections of the ransomware variant occurred as early as December in Germany and the U.S.

The $175 fee is a one-time upfront payment, said Andrei Barysevich, a director at Recorded Future. “This lowers the barrier for other criminals to carry out ransomware attacks, and allows buyers to retain 100 percent of payments from their infected victims,” he added.

However, victims hit with the Karmen ransomware have recourse. That’s because the malicious coding is derived from Hidden Tear, an open source ransomware project.

Cybercriminals have been using Hidden Tear to build their own ransomware variants. However, security experts have been responding with free decryption tools designed to release computers of the infections.

Michael Gillespie, a security researcher, has developed his own decryption key generator that can address ransomware built from Hidden Tear. He advises that victims contact him for help. Gillespie has also developed a site that can diagnose what kind of ransomware has infected a computer, and offers advice on how it might be fixed.

No More Ransom is another site with free tools that can decrypt certain ransomware infections.

Security experts also recommend that businesses make routine backups of their important systems, in the event of a ransomware attack.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Michael Kan

IDG News Service
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?