Script kiddies distribute Tox to the easiest targets

Jun 11, 2015 08:15 GMT

Cybercriminals in the ransomware game know a thing or two about making their business bloom, and they try to deliver malware to the users most likely to respond to their bait.

In the case of Tox, the lure was a file that said it contained “hot pics” and it was distributed in locations frequented by individuals looking for child pornography, the author of the toolkit said.

Tox infections above 1,000, developer claims

Tox ransomware has file encryption capabilities, which are deployed immediately after installation on the victim’s computer. The data is held hostage until a ransom is paid.

The malware was created by a teenage student, who developed a platform that let anyone create their own version and cash in on the ransom paid by victims.

Access to the platform was free of charge, but customers, most of them script kiddies, had to distribute the malware and give 30% of the profit to the author of Tox, who took the same name as the ransomware.

All this sounds like a good deal, but security researchers who analyzed the ransomware say that its code lacked efficiency and complexity. Last week, its creator decided to call it quits and sell the business to the highest bidder, after reaching the conclusion that he was not a criminal.

Crooks launch malware according to user interests

In the announcement, Tox said that the service had about 1,000 users and the number of infections was above this figure.

Victims were selected according to their interests, and at the beginning, pedophiles were sought. “Pedophiles were the main target at the beginning, as it is easy to make them download a file saying it contains ‘hot pics’,” Tox told Vocativ in a conversation over email.

It is unclear how many such individuals fell for the trick, but if this is true, it would be one of the few examples of malware actually doing some good. On the other hand, this could also put exchangers of illegal pornography on guard about the dangers of clicking alluring links and make them more security-conscious about this sort of danger.