Security News > 2024 > April > Cheap ransomware for sale on dark web marketplaces is changing the way hackers operate
Since June 2023, Sophos X-Ops has discovered 19 junk gun ransomware variants - cheap, independently produced, and crudely constructed - on the dark web.
"Over the past two months some of the biggest players in the ransomware ecosystem have disappeared or shut down, and, in the past, we've also seen ransomware affiliates vent their anger over the profit-sharing scheme of RaaS. Nothing within the cybercrime world stays static forever, and these cheap versions of off-the-shelf ransomware may be the next evolution in the ransomware ecosystem-especially for lower-skilled cyber attackers simply looking to make a profit rather than a name for themselves," Budd concluded.
The median price for these junk gun ransomware variants on the dark web was $375, significantly cheaper than some kits for RaaS affiliates, which can cost more than $1,000.
Junk gun ransomware discussions are taking place primarily on English-speaking dark web forums aimed at lower-tier criminals rather than well-established Russian-speaking forums frequented by prominent attacker groups.
These new variants offer an attractive way for newer cybercriminals to get started in the ransomware world, and alongside the advertisements for these cheap ransomware variants are numerous posts requesting advice and tutorials on how to get started.
"These types of ransomware variants aren't going to command the million-dollar ransoms like Cl0p and Lockbit but they can indeed be effective against SMBs, and for many attackers beginning their 'careers,' that's enough. While the phenomenon of junk gun ransomware is still relatively new, we've already seen posts from their creators about their ambitions to scale their operations, and we've seen multiple posts from others talking about creating their own ransomware variants."
News URL
https://www.helpnetsecurity.com/2024/04/18/junk-gun-cheap-ransomware-dark-web/
Related news
- What It Costs to Hire a Hacker on the Dark Web (source)
- Ransomware hits web hosting servers via vulnerable CyberPanel instances (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- North Korean hackers pave the way for Play ransomware (source)
- Dark web crypto laundering kingpin sentenced to 12.5 years in prison (source)
- What Is the Dark Web? (source)
- Wanted Russian Hacker Linked to Hive and LockBit Ransomware Arrested (source)
- Russia sentences Hydra dark web market leader to life in prison (source)
- Russia gives life sentence to Hydra dark web kingpin after seizing a ton of drugs (source)
- Scumbag gets 30 years in the clink for running CSAM dark-web chatrooms, abusing kids (source)