Hackers are selling Stampado Ransomware on the dark net for just $39 — They claim it’s FUD (fully undetectable)!
The Dark Net is full of illegal products including drugs, fake id card, weapons, databases or even highly contemptible listings of child abuse images but now researchers have discovered complete ransomware setup available for sale on one of the dark marketplaces.
The price of this ransomware is only $39 which shows that developers are more interested in spreading their creativity rather than earning big bucks. One screenshot shared by Andra Zaharia of Heimdal Security shows sellers are confirming that the ransomware software is fully undetectable (FUD) which can be sent through email in extensions like .cmd, .bat, .dll, .exe and .scr. The seller is also warning buyers not to scan the file on VirusTotal.
Must Read: Say Hello to Ransomware Targeting Smart TV
Stampado functions just like other ransomware, it infects the victim’s device and renames it with .locked extension and asks for ransom. In case ransom is not paid after 96 hours of infection, Stampado starts deleting random files from the device. The most concerning thing about this ransomware is that it doesn’t require admin privileges or permission to install itself on victim’s pic hence once executed the Stampado will install itself and lock the data for ransom.
Here is the ad screenshot saved from the listing on darknet:
We contacted Andra Zaharia of Heimdal Security for expert comment on the open selling of such malicious program, according to Zaharia:
”The way that Stampado is advertised shows us how audacious cyber criminals can be. The days when they kept quiet and worked mostly on their own are long gone. Now it’s all about making big money from their malware-as-a-service business. Online criminals don’t shy away from using whatever tactics they can to call attention to their “products”. Regular Internet users might perceive this as a brazen or even defiant attitude towards them. The problem is that many of them don’t realize that they can do a lot to curb ransomware from affecting so many of their devices and so much of their data. It starts with regular software updates, it continues with installing a reliable antivirus and it continues with using security solutions focused on proactive online safety. What’s more, anyone can benefit from investing a bit of time in basic cyber security education. This will become even more important in the years to come.”
Selling malicious software anywhere is completely illegal but the fact that the sellers are using darknet marketplace may protect them from jail time however last year a couple was arrested for selling malware encryption program to cyber criminals so that their malware cannot be easily detected by anti-virus programs.
If you are concerned about ransomware attack, avoid downloading files from unknown emails and untrusted websites otherwise, you might fall foul of such criminal elements and lose your data as well as money.