B2B Extortion? New Ransomware Business Takes 10 Percent Cut from Its Customers

A new ransomware service has been introduced, promising to provide anyone with the means to launch crypto ransomware attacks for a 10 percent cut of the proceeds. Called the CryptoLocker Service, the operation provides customers—even those without advanced technical knowledge or experience—with crypto ransomware that can be configured according to their preferences.

To get CryptoLocker Service’s basic payload, an initial US $50 has to be paid by interested customers. After paying the said sum, the user can specify the amount of ransom money required to decrypt the victim’s files and immediately execute attacks. Once the payment has been made, the collected Bitcoin payments will be automatically forwarded to the customer-designated address—minus the 10 percent commission taken by the service.

Given its characteristics, CryptoLocker Service is slated to be a cheaper resource that could result in an increased number of downloads and infected victims. The ransom can be set by the customer, but Fakben recommends keeping it low—at US$200. For now, the crypto ransomware only affects Windows PCs, but there are plans to develop the malware for other platforms.

The operator, using the handle Fakben, aims to yield additional customized functionalities in the said malware by utilizing preexisting exploits and potentially targeting vulnerable software such as Adobe and Java. The person behind the venture isn’t new to the cybercrime business, as Fakben had been a former user of the now-shut down Evolution (Evo) black market on the Tor network.

The CryptoLocker Service site posted on November 16 that it will launch in one or two days.

Is extortion going B2B? It remains to be seen how this new scheme could affect the threat landscape. Giving practically any would-be criminal the ability to launch their own ransomware operation for a $50 buy-in could result in a sudden rise in ransomware incidents. It's recommended that users always keep backups of their important data. While it can't prevent a ransomware infection, having a backup on hand can make sure that victims don't have to pay up to recover encrypted data. Paying the ransom only encourages more attacks.   

For a primer on ransomware, read our 101 on what it is, how it works, and how to defend against it


Like it? Add this infographic to your site:
1. Click on the box below.   2. Press Ctrl+A to select all.   3. Press Ctrl+C to copy.   4. Paste the code into your page (Ctrl+V).

Image will appear the same size as you see above.