Ransomware as a Service (RaaS) is easier to purchase than you may think
Let me start by saying that when I was asked to write this post, I didn’t think it would take me down a dark and twisted rabbit hole. And yet, here I am, having spent the better part of four hours reading about a process I thought I knew.
So let’s talk about RaaS. I want to make sure you understand that PC Matic in NO WAY supports or condones the efforts of those using malicious scripting to victimize others. Ransomware is the war that we’re fighting. But, as in any war, you need to know your enemy.
It should also be noted that the research done for this is not, in any way, supposed to be a guidebook for How To Buy Ransomware Without Really Trying. Don’t be that person.
Where to start
I do know the basics of how people buy ransomware. Subsequently, I know you have to go searching the dark web. I also know that you can deploy with almost zero tech ability. But I didn’t know the nuance. For that, I reached out to one of our malware researchers here at PC Matic.
He gave me a step by step guide on how to access the dark web. What a magical place! (This is heavy sarcasm.) There are a decent amount of precautions you should take before browsing. These steps will keep you safe from the dredges of the internet that lurk there. They’re waiting for an unsuspecting noob to wander curiously through the dark crevices. Don’t be fooled, this isn’t a place you want to be frivolous.
Once you’re (safely) in, it’s up to you to find the search tools and chat rooms to begin shopping for ransomware.
Weeding out the competition
As with any seedy, back alley market, a lot of what you’ll find is bogus. There’s a wonderful article I read by Drake Bennett of Bloomberg Businessweek on his foray into purchasing ransomware. Even after thinking he’d purchased legitimate ransomware (that makes me laugh), he still found himself in the middle of a scam.
But if you’re still determined on becoming one of the cyber criminals, there is a lot of support in the dark web chat rooms. Many of the others there will let you know who is and isn’t legit. Once you’ve purchased your program, there are even instructional guides and tech support channels to help you deploy.
Now that you’ve picked your target, it’s just a few more clicks and emails before sending out the bait. The most common form of ransomware for novices revolves around phishing techniques. If you do get a hit, the ransomware will walk you through how to collect and then send out a decryption key. And just like that, you’re a cyber criminal.
Now you may be saying that this all sounds incredibly easy. That’s because, as I mentioned, I am not here to write a field guide on how to become a cyber criminal. I’m simply here to bring more knowledge to light as to how common it is. All of this could realistically be done in a day. This explains why ransomware attacks are rising in the US.
If, after reading this, you think it sounds good, there are some things you should know. This is cyber crime. In the US, the punishments for even having deployable ransomware on your device is enough to get you in plenty of hot water. But, this is criminal activity we’re talking about, so of course there are consequences.
Tor browsers, which are used by some to access the dark web, were built by the US Naval Research Laboratory with the express purpose of protecting US intelligence. Additionally, most government agencies and major news outlets all have a presence on the dark web. The anonymity of access doesn’t guarantee you won’t get caught.
The reality is, many of these attacks are originated overseas, by seasoned criminals who are very good at covering their tracks. Whether that is a hacker who uses RaaS or a swift-coding cyber criminal starting the process from scratch, they are good.
Adding another layer of complexity to this, we are dealing with cyber. The bounds are limitless, and there are additional layers of anonymity available to increase your secrecy on the dark web. Hiding how malicious emails are delivered, covering up IP addresses, and more are now commonplace.
Just scratching the surface
As I stated when we began, this post was in no way supposed to be a guide or even an endorsement to purchase ransomware. We’re here to educate. If you’re going to fight a war, you need to know who you’re fighting and the nuance of their techniques.
I hope this has given you a brief insight as to how the prevalence of ransomware has grown. I also hope it makes you think twice about clicking the attachment in that email that allegedly came from your co-worker. Knowledge is power.
To hear our CEO, Rob Cheng, talk about the dark web and purchasing ransomware, listen to the clip below.
And to listen to the entire show, just hit play on the Vimeo link.