Ransomware a for Hire Business is not a typical post about insurance itself. It is however an urgent reason to get insurance. Read on and you’ll see why!
Just when you thought things couldn’t get much worse, we see this: “ransomware a for hire business”. Yes, the dark web now has cyber-criminals offering their services hacking a company’s systems, just to install ransomware.
Karmen is the name of the latest ransomware being offered by a Russian hacker. For a fee, this cyber-criminal will hack a company and install Karmen ransomware.
This ransomware is being advertised on the dark web and it is different from similar software on the market. This new ransomware is even available in a beginner’s pack, for criminals newly engaging in a ransomware campaign.
Russian Based Attack
The Karmen ransomware installation is now being offered through several hacking forums. It is likely that the effort is based out of Russia, as the marketing is being done through Russian language hacking forums.
According to the current Russian seller, he has taken part in the web design and in designing the control panel. The malware is actually using Hidden Tear, an open source project for encryption.
Experts are calling this a Ransom Service or RaaS, model. It is based on previously released open source codes.
One of them is the previously mentioned Hidden Tear, which appeared as an open source ransomware code several months ago. While Karmen is based on the Hidden Tear type of codes, the developers have made a few modifications. The first and maybe most scary, is that you don’t even need experience any more!
How Karmen Infects Computers
Karmen is able to encrypt the files of the infected device with the use of strong encryption protocols. As a result, the user will not be able to access their files.
The malware triggers ransom notes asking the user to make large ransom payments for obtaining decryption keys from the hacker.
When Karmen infects a computer, the victim sees a message that warns them not to interfere with the program. Doing so will damage or alter their files.
The unique feature of Karmen is that criminals are able to control the ransomware from their browsers remotely.
The attacker is able to view a centralized dashboard of their entire attack via the web.
The dashboard enables the hacker to manage the computers of the victims, allowing them to see the amount of money paid.
If the amount is not sufficient in their eyes, the hacker simply increases the ransom price requested.
Bitcoin Accepted for Payment
Karmen ransomware differs from the rest of its competition. It offers full file encryption, along with individual wallet addresses for accepting Bitcoin payments. This is customized for each individual victim affected by the ransomware.
Different also, is the minimal amount of communication required between the command or control servers and the ransomware itself. This makes the ransomware very difficult to trace back to the criminals.
After the victim makes the Bitcoin payment, the ransomware is deleted from their system automatically. This is yet another unique change, making it almost impossible to track the perpetrators.
Karmen’s command interface allows the hacker to change the settings with the use of a control panel. As such, the user doesn’t need much technical knowledge to control the ransomware. This makes it easy to use, even for new cyber-criminals.
The Karmen control panel also a page for tracking victims. The user can literally keep track of the computers that have been victimized.
The hacker can easily view relevant information on the dashboard. This would be things like the number of clients, the money earned, updates to the software and so on.
Easy to Use
In order to use the Karmen ransomware, the cyber-criminal first buys a membership.
After making their payment, the person can access the online control panels located on the dark web site. They can then modify the configurations of the malware according to their preferences.
Ransomware services like Karmen are proving to be very popular among cyber-criminals. It is only natural that cyber-criminals will continue to introduce new types of ransomware like Karmen in the future.
Home and business users alike must update their devices with antivirus solutions, in order to protect themselves from such threats. The Karmen RaaS ransomware may not be as powerful as its developers want people to believe. However, as with any other malware, this ransomware cannot be ignored.
Ransomware, as a service for sale, is a very real threat. It is difficult for victims who are not tech savvy to deal with such malware infections.
Don’t be fooled into thinking that you’re in good shape because you have an anti-virus program installed. This is far from enough. Cyber-criminals have those beaten the day they come out!
If you’re a business owner, you need the additional protection of data breach insurance! If you remember past blog posts, you may remember 6.5 million dollars average cost to recover from a breach. You need the additional protection that insurance provides!
MrInsurability is here with the most current and customizable coverage available. No matter what you need, we’re here when you need us!