A new Tor hidden service called Inpivx evolves the concept of the ransomware-as-a-service making it very easy for crooks without technical skills to develop their own malware and build a management panel.
Operators behind the service offer for sale the source code for the ransomware and for the management dashboard. The availability of the source code allows crooks to customize their ransomware.
Watch out, Inpivx is not a RaaS and for this reason, it does not supply hosting services.
The ransomware is written in C++ and supports almost any Windows OS version, from Windows XP through Windows 10, while the dashboard is coded in PHP.
The package goes for $500, it also includes the decryption tool, operators also provide a detailed tutorial.
“If the client has no skill, we provide a tutorial based on our own ransomware dashboard each line of code has an explanation,” an Inpivx member told BleepingComputer.
The dashboard provides infection data in real time, it includes the total number of encrypted files, number of infections, the operating systems of the infected machines and their geographical distribution.
It also implements a chat that allows operators to communicate with the victims.
A specific clients section includes information on infected machines, such as the victim IDs, the operating system, the ransom price, the decryption key, and the payment status.
“Inpivx approach is highly likely to attract to the ransomware game individuals with expertise in other areas of the crime business.” wrote Ionut Ilascu from BleepingComputer. “With access to the source code, they can alter the original ransomware product and create new strains that could evolve to something new by combining code from other malware.”
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – Tor, Inpivx)
[adrotate banner=”5″]
[adrotate banner=”13″]
Experts found two vulnerabilities in the vBulletin forum software, one of which is already being…
Security Affairs Malware newsletter includes a collection of the best articles and research on malware…
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best…
Qualys warns of two information disclosure flaws in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise…
Meta stopped three covert operations from Iran, China, and Romania using fake accounts to spread…
The U.S. sanctioned Funnull Technology and Liu Lizhi for aiding romance scams that caused major…
This website uses cookies.
