At $175, this ransomware service is a boon to cybercriminals

A Russian-speaking user has been advertising the ransomware-as-a-service, according to Recorded Future

Cybercriminals have another easy-to-use ransomware kit to add to their arsenals, thanks to a new variant called Karmen that hackers can buy on the black market for US$175 (about $230).

A Russian-speaking user called DevBitox has been advertising the ransomware in underground forums, security firm Recorded Future said in a blog post on Tuesday.

Karmen is what experts call ransomware-as-a-service -- a particularly worrisome trend. Amateur hackers with little technical know-how can buy access to them, and in return, they’ll receive a whole suite of web-based tools to develop their own ransomware attacks.

In Karmen's case, it offers an easy-to-use dashboard interface. Buyers can modify the ransomware, view what machines they've infected, and see how much they’ve earned.

To spread ransomware, hackers will often rely on spam emails with an attachment or a link to a website that contains malicious coding. Once it infects a computer, the ransomware will then encrypt the files hosted inside. To release the files, victims will have to pay up, usually in bitcoin.

DevBitox, one of the developers behind Karmen, has posted messages in various forums saying that Russian and English language versions of the ransomware-as-a-service are available.

karmen ransomware variant 5 Recorded Future

The dashboard to the Karmen ransomware-as-a-service.

So far, the hacker has sold 20 copies of Karmen, according to Recorded Future, which noted that the first infections of the ransomware variant occurred as early as December in Germany and the U.S.

The $175 fee is a one-time upfront payment, said Andrei Barysevich, a director at Recorded Future. “This lowers the barrier for other criminals to carry out ransomware attacks, and allows buyers to retain 100 percent of payments from their infected victims,” he added.

However, victims hit with the Karmen ransomware have recourse. That’s because the malicious coding is derived from Hidden Tear, an open source ransomware project.

Cybercriminals have been using Hidden Tear to build their own ransomware variants. However, security experts have been responding with free decryption tools designed to release computers of the infections.

Michael Gillespie, a security researcher, has developed his own decryption key generator that can address ransomware built from Hidden Tear. He advises that victims contact him for help. Gillespie has also developed a site that can diagnose what kind of ransomware has infected a computer, and offers advice on how it might be fixed.

No More Ransom is another site with free tools that can decrypt certain ransomware infections.

Security experts also recommend that businesses make routine backups of their important systems, in the event of a ransomware attack.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Michael Kan

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?