Hackers who want to make money but don’t want to get involved in the messy business of extracting payment from victims have turned to a malware-as-a-service business model. They write the code and sell subscriptions to the cyber criminals who deploy it in the wild. Crypto ransomware (malware that encrypts files and demands ransom for the decryption key) subscriptions typically sell for hundreds of dollars. Now, Heimdal, an online security company, has uncovered a cryptoware program called Stampado that is being sold on the dark net for $39.
Stampado encrypts files and gives the victim 96 hours to pay a ransom. It’s advertised as fully undetectable and can be deployed in .exe, .bat, .dll, .scr and .cmd files. In an added twist, Stampado deletes a randomly selected file every six hours if the ransom is not paid.
Just in case prospective buyers think $39 for a ransomware subscription is too good to be true, the creators have produced this YouTube video that shows the program in action.
Crypto ransomware attacks have been increasing at an alarming rate and a ransomware “solution” priced at $39 is likely to exacerbate the problem. Users can protect themselves by backing up their files, installing reliable ani-malware and anti-virus software, keeping their security software and all of their programs updated, and refusing to open attachments or click on links in suspicious or unexpected emails.
I’ve reached out to Heimdal for further information and will update this article if I hear back.