We might be entering a whole new era of malware, one where even those who lack any semblance of deep technical expertise will be able to acquire and disseminate viruses and the like on the fly.
Speaking to this point, security researchers at McAfee recently discovered a new piece of software which makes it exceedingly easy for anyone to create their own ransomware. The online software, which runs on TOR, is called Tox and, believe it or not, is completely free to use. The developers of the software aim to make money on the back end by taking a cut of any successful ransomware campaigns its users run.
Here’s how it all works.
Once a users register with the site, which has a rather streamlined and user-friendly design, they can then easily customize their ransomware payload by entering in their desired ransom amount. Following that, users simply type in their “cause”, presumably the message that will alert unsuspecting users that they’re being held hostage to a piece of malware. And finally, users are prompted to fill out a captcha.
“This process,” McAfee explains, “creates an executable of about 2MB that is disguised as a .scr file. Then the Tox “customers” distribute and install as they see fit. The Tox site (on the TOR network) will track the installs and profit. To withdraw funds, you need only supply a receiving Bitcoin address.”
And as one would expect, if an unsuspecting user accidentally opens up the offending .scr file, the payload encrypts all of the data on their machine and only reverts back to normal once a Bitcoin payment is made. Naturally, the alert informs users who don’t know the first thing about Bitcoins how to buy the digital currency and how to make a payment with it.
For more information regarding the technical details surrounding the ransomware, McAfee has a detailed write-up that you can check out from the source link below.