For anybody wanting to be a cybercriminal – a pretty cheap but very powerful malware is out there on the Dark Web. The advanced ransomware is being offered for just $39. Named as Stampado ransomware, it is a cryptoware that can surprisingly encrypt data even without acquiring administrative privileges.
Shocking! Malware developers have stooped to such low-cost marketing levels. But it could also be seen as an innovative marketing strategy that would allow the malware developers to gain more revenue from volume sales. The malware developers are offering the Stampado malware for sale on malware shopping forums.
Key features of Stampado ransomware:
- It is a cryptoware malware
- Cost – just $39
- Full lifetime license
- Very cheap when compared other similar ransomware products
- Easy-to-manage
- Easy-to-use
- Host not required
- Just one email ID required
- The file can be sent in the many formats: bat, exe, cmd, scr, dll
- The file can be sent with packers, binders and crypters.
- Administrator privileges not required
The ransomware developers have also uploaded a demonstration of how the malware locks the files. The ransomware file is spread through typical social-engineering methods, which induce a victim to click open an attachment (malicious). The ransomware immediately starts working and encrypts and locks all the files on the system/device. The malware adds a “.locked” extension to the infected files and opening the files reveals the content of the files in an encrypted form – which would be like junk characters in unreadable form. Just deleting the “.locked” extension does not bring the file back to its original state or readable form.
The cybercriminals warn the victim that the demanded ransom should be paid within 96 hours or else the Stampado ransomware would randomly select a file through Russian Roulette every 6 hours and delete the random file. The victim would have no other choice other than to pay-up, as the files are encrypted using AES-256 encryption, and presently there is no way to decrypt AES-256 encrypted files.
The cyber criminals offer to decrypt a single file to demonstrate that they have the capability to decrypt the files.
How To Stay Protected Against Ransomware Attacks
- Get an effective anti-malware solution that follows default-deny policies and auto-sandboxes all unknown files.
- Educate users, employees about the vulnerabilities involved in opening unknown files, and opening attachments from unknown sources.
- Educate users about phishing and spear phishing attacks – on not to click on links in mails from unknown or doubtful sources.
- Keep the operating system updated with the latest patches
- Keep the antivirus solution updated with the latest definitions.
- Maintain a complete backup of the data so that the backup data can be used to restore all the data.