The existence of crime as a service is no longer such an inconceivable thought in this day and age, and we all owe that largely in part to the dark web.
The recent upsurge of DIY ransomware kits on the criminal-infested parts of the dark web is testament enough that being a cyber-criminal takes little more than access on dark web, which is a motive as well.
The ransomware crime industry is one that appears to be thriving, not because the cyber-criminals are getting smarter, but because few people are prepared to deal with having their crucial files held hostage.
According to a recent survey carried out by cyber security firm Sophos, the research head James Lyne told the NBC’s Tom Costello that the threat of hacking is more imminent than ever.
The availability of DIY ransomware kits available on dark web coupled with the general lack of knowledge on how to prevent cybercriminals from holding precious files hostage spells nothing but doom for the future of online security.
Lyne explained that by making ransomware a service rather than a product, many more dark web users will have access to the ultimately destructive power of malware.
Existence of DIY malware kits can be traced back to the 90s
One thing that can be agreed upon is that the availability of malware kits is nothing new. Traceable all the way back to the early 1990s, malware creation tools seem to be making a resurgence both in popularity and in availability.
Back then, the sole purpose of these virus creation kits was to make it easier for those without the technical know-how to explore the nuances of virus-writing.
With some of the more popular kits that were available back then (Virus Creation Laboratory and PS-MPC) are now no match for the antivirus protection we have at our disposal, DIY malware kits are now focused on one primary goal: to make money.
Darknet markets overtly offer various DIY malware kits to all and sundry
Going by the conventionally overt nature of the dark web, even in the sale of highly illegal contraband and child exploitation, it comes as no surprise that these DIY ransomware kits are being overtly advertised and sold on some of the most popular darknet markets on the dark web, complete with clear and concise instructions on how to configure them.
Lyne accentuated the impending danger of hacking by highlighting two recent developments pertaining to ransomware builder kits on dark web.
The first case was that of the AKBuilder, a DIY ransomware kit on which Sophos had performed extensive research on and released the findings in a paper.
The malware-building kit is undoubtedly the most popular found on the dark web simply because it is one of the easiest to use. It allows cyber-criminals to hide malware samples in files and documents which they proceed to spread as spam to their targets.
Opening these documents triggers the release of the ransomware software, putting the victims at the mercy of these newly-initiated ransomware vendors.
SophosLabs also warned about the Microsoft Word Intrude, a builder that has undergone significant tweaks, one of which involved the addition of a non-Office exploit for the first time in the history of the kit.
This latest update has increased its popularity on the dark web by expanding its potential target range exponentially.
The availability of DIY malware kits is cause for concern, says Lyne
Aside from the “astonishing overtness” with which the distribution of these blackmail software is carried out on dark web markets, Lyne divulged to NBC’s Costello that the availability of this technology meant that we have to worry about a much wider scope of criminals.
Lyne wrapped up his interview with a few helpful tips on how to avoid being the victim of these Bitcoin-hungry dark web criminals, most important of which was that people should constantly keep their data backed up and their security software updated.
He also advised that people should employ the various tactics necessary to stay safe from ransomware attacks.