Karmen low-cost ransomware found

Karmen low-cost ransomware found

Karmen low-cost ransomware found

Karmen low-cost ransomware found. Yes, security experts have spotted a new “ransomware as a service” (RaaS) called Karmen from threat intelligence firm Recorded Future. This service permits anyone to set up an account and customize their own ransomware campaign.

Ransomware is malware for data kidnapping, an exploit in which the attacker encrypts the victim’s data and demands payment for the decryption key. Ransomware spreads through e-mail attachments, infected programs and compromised websites. A ransomware malware program may also be called a cryptovirus, cryptotrojan or cryptoworm.

Read more about MacOS under Ransomware attack and Unique Ransomware Vulnerability Attack

The Karmen RaaS is very cheap, it costs just $175, buyers can decide the ransom prices and the duration of the period in which the victims can pay the ransom.

Karmen low-cost ransomware found

It is a multi-threaded and multi-language ransomware that supports .NET 4.0 and uses the AES-256 encryption standard. The malware is .NET dependent and requires PHP 5.6 and MySQL.

It works like any typical ransomware infections, Karmen encrypts files on the infected PC using the strong AES-256 encryption protocol, making them inaccessible to the victim until he/she pays a large sum of money to obtain the decryption key from the attacker.

Karmen automatically deletes its decryptor if analysis software is detected on the victim’s computer to make security researchers away from investigating the threat.

According to Recorded Future, “Karmen Ransomware is sold as a standalone malware variant, only requiring a one-time upfront payment, allowing a buyer to retain 100 percent of payments from infected victims”.

The ransomware is sold in both light and full versions, with the light version omitting sandbox identification functionality; therefore offering a much smaller file size. The RaaS variant is based on the abandoned open-source ransomware building toolkit dubbed Hidden Tear and is being sold on Dark Web forums from Russian-speaking hacker named DevBitox for $175.

Further investigation discovered that “DevBitox” a Russian-speaking cyber criminal, was the seller behind the Karmen malware in March 2017.

Most Popular Training Courses at Indian Cyber Security Solutions

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Tester Training

Ethical Hacking  training

Python Programming training

CEH V9  training

Diploma in Network Security Training

Secured Coding in Java

Certified Network Penetration Tester 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advance Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 


Leave a Reply

Your email address will not be published. Required fields are marked *



Click one of our representatives below to chat on WhatsApp or send us an email to [email protected]

× Hi How can we help you