A crazy cheap, brand-new ransomware has hit the Dark Web this week, dubbed Stampado.
According to Heimdal Security, it’s similar to CryptoLocker in functionality, but includes a few extra tricks, such as the fact that it doesn’t need administrator privileges to infect computers.
It also gives the victims 96 hours to pay the ransom. If the ransom isn’t paid, Stampado will delete a random file from the victim’s PC every six hours—a new threat in the tricks bag, seemingly ripped straight from a TV police procedural.
But Stampado’s main selling point—and source of concern for the rest of us—is the price: It’s just $39 for a lifetime license. That lowers the barrier to entry for criminals to beyond all understanding.
“Because cryptoware is such a big segment of the malware economy, malware creators have to constantly release new ‘products’ to keep their clients engaged and the money flowing,” said Andra Zaharia, Heimdal security specialist, in a blog.
Its creators have mounted aggressive (and grammar-challenged) ad campaigns, trying to cast a wide net for their wares, with used-car-style lingo:
“Newest Ransomware in market! Stampado Ransomware: You always wanted a Ransomware but never wanted two pay Hundreds of dollars for it? This list is for you! ?? Stampado is a cheap and easy-to-manage ransomware, developed by me and my team. It’s meant two be really easy-to-use. You’ll not need a host. All you will need is an email account.”
All you will need is an email account. Rather chilling.
The authors have also uploaded a video to YouTube showing Stampado at work.
This one has the potential to spread far and wide. Users should protect themselves by avoiding clicking on links and attachments in emails, and above all, by using a data backup service to be able to recover files in the event of an attack.
Photo © Africa Studio