Hackers selling new Stampado ransomware on the dark web for a mere $39

Hackers have been found to be selling a new ransomware family on the dark web for a mere $39 for a lifetime licence. Security researchers have uncovered that the ransomware, dubbed Stampado, is being aggressively marketed at a surprisingly low cost, in efforts to lure as many buyers as possible.

Security researchers say the ransomware is being touted as a "flexible" product, which functions in a way similar to CryptoLocker and other existing ransomware strains. Stampado is also allegedly capable of infecting systems without administrative privileges. This also appears to be in line with most other ransomware strains which do not require admin privileges to encrypt data.

Heimdal Security official Andra Zaharia told IBTimes UK: "Stampado samples have been spotted in the wild yet. The ad on the Dark web is very recent, so this ransomware family is only just beginning to spread."

Ransomware bargain

Commenting on the surprisingly low rate Stampado is priced, she said: "Stampado is definitely cheap. Ransomware-as-a-service is usually sold as a subscription-based service and it costs around a few hundred dollars. While there is no definitive benchmark to judge this by, from the data we have at the moment, we can say that this is fairly accessible. The reason Stampado creators priced their ransomware this low could be that they aim for widespread distribution and to appeal to less experienced malicious hackers who also want to get in on the action."

The advertisement for Stampado reads: "You always wanted a ransomware but never wanted two pay hundreds of dollars for it? Stampado is a cheap and easy-to-manage ransomware, developed by me and my team. It's meant to be really easy-to-use. You'll not need a host. All you will need is an email account." Additionally, the ransomware ad comes with a YouTube video presentation that shows the ransomware "in action".

Stampado's capabilities

In addition to encrypting victims' data, Stampado boasts of providing victims with a 96-hour deadline to pay up the demanded ransom. In the event that the ransom is not paid, Stampado will begin deleting random files from the system every six hours.

The recent rise in cybercrime and the growing demand within the business have affected the industry such that trends in the development as well as sales of malicious codes have begun changing. "Just like with legitimate and legal brands, the cyber crime business is also driven by reputation and legitimacy. Notorious cyber criminals have an easier time promoting their malicious code, because their reputation precedes them. However, newcomers have to be edgier and more vocal to stand out, so I think this might be the case with Stampado creators," Zaharia explained.

The advertising techniques used by the authors of Stampado are indicative of the flexible nature of the cybercrime industry. It also serves as a reminder that as hackers continue to update their cyberattack techniques, a corresponding evolution may also be noted in their advertising techniques.