The Channel logo


By | Darren Pauli 29th May 2015 06:29

Yay for Tor! It's given us RANSOMWARE-as-a-service

A simple but TOXic attack emerges from the onion

Threat Research head Jim Walter says a virus writer has created a ransomware-as-a-service offering which allows luddite criminals to fleece users.

Walter discovered the Tox ransomware on an eponymously named Tor hidden service noting the author required a 30 percent cut of paid Bitcoin ransoms.

He says Tox is one of the few turnkey ransomware offerings allowing scumbags to key in custom ransom notes in a web form.

"Although easy to use and functional, the malware appears to lack complexity and efficiency within the code," Walter says.

"We don’t expect Tox to be the last malware to embrace this model. We also anticipate more skilled development and variations in encryption and evasion techniques."

The Tox author on Twitter thanked McAfee for the 'free advertising', retweeting coverage of the ransomware from an account created to exploit Walter's report.

The author wrote in a FAQ that scum commonly opt to distribute Tox through spam campaigns in which the ransomware would be delivered as a Windows screensaver.

Bitcoin ransoms are paid through the Tox author who promise to send the remaining 70 percent to those distributing the malware.

The operational security chops of the English-speaking author will be put to the test, should the prolific and competent anti-blackhat research community seek to identify the perp and send their special brand of love. ®

comment icon Read 22 comments on this article or post a comment alert Send corrections


Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella

Chris Mellor

Thousands of layoffs announced as spinning rust enters its death spiral


STRASBOURG, JUNE 29, 2016: The seat of the European Parliament. by Marco Aprile for shutterstock. EDITORIAL USE ONLY
Plan b, image via Shutterstock
EU workers, new markets: post-Brexit pressure on May & Co
Tough question, pic via Shutterstock
Honest mistake with your licensing? Audit police look at it on a 'case by case basis'