Crypto

Ransomware is a thriving darknet market – ChannelNews

Ransomware research conducted by machine identity management specialist Venafi in partnership with analytics firm Forensic Pathways revealed the existence of about 30 ransomware “brands” on the dark web, with source code prices fluctuating based on their popularity.

Strains such as Babuk, Darkside/BlackCat, Egregor, GoldenEye, HiddenTear or WannaCry that have been successfully used in well-publicized attacks are selling at higher prices. Thus, the most expensive source code is $1,262 for a customized version of the Darkside ransomware used in the May 2021 Colonial Pipeline cyberattack. As for Babuk’s source code, it’s priced at $950 and Paradise’s source code is for sale. about $593.

The study also shows that 87% of ransomware is activated by malicious macros. Typically, these macros are used to automate repetitive tasks in Microsoft Office to improve productivity. However, the Redmond-based software giant hasn’t decided to drop the feature just yet.

“Using code-signed certificates for macro authentication means that any unsigned macros cannot be run, stopping subsequent ransomware attacks,” said Kevin Bocek, vice president of Venafi, who is in charge of security strategy and threat intelligence. “This is an opportunity for security teams to promote and protect their business, especially in banking, insurance, healthcare and energy, where macros and Office documents are used throughout the day to improve decision making. »

The review also notes that the most expensive value-added services on the dark web are those that offer source code, custom build and development services, and ransomware packages that include walkthroughs. Some cost over $900. At the other end of the price spectrum, some Lockscreen ransomware sells for as low as $0.99.

Methodology:

Between November 2021 and March 2022, criminal information provider Forensic Pathways analyzed 35 million dark web URLs using the Forensic Pathways Dark search engine. The study results cover 475 web pages of ransomware products and services sold on the dark web.

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker.