With Tox, Now Anyone Can Create Ransomware...And For Free

It seems that it was just yesterday that someone had to know a thing or two about software and programming to wreak havoc on fine upstanding Internet citizens via malware incursion. Ah, the good old days. Nostalgia aside, though, one cannot help but feel rattled by the news that security researchers at McAfee have discovered new software with which the oh-so-nefarious out there can easily construct their own ransomware. And not only is such a product in the wild, but it is online software, too, accessible by anyone capable of navigating a keyboard and a TOR browser. 

Dubbed Tox, the devil's tool raising the ruckus runs on TOR and is easy to work out and completely free to use. Now the idea of a freely provided tool that bad guys can use to extract cash from the Web-bound helpless may sound and smell a bit funny, however the purveyors of this dark matter have set up their wares in such a way that they receive a 30% cut of any ransoms collected...and there isn't anything funny about that. 

toxmalware

Tox is a 2MB executable that is disguised as an .scr file, which the would-be system kidnapper creates as follows: the user registers on the quite user-friendly site (specifically not linked here), inputs their ransomware amount, enters their "cause" (the alert that announces to the victim that their system is being held hostage), and fills out a captcha.

Once some dastardly felon creates the rogue .exe-in-.scr-clothing it is simply a matter of distribution and installation. Any unwitting party that accidentally opens the file will suffer the encryption of all of their system data, and they will only get back their data upon a payment made in Bitcoins (and as one might expect, the alert received by the hapless victim is amenable enough to offer instruction on how to buy Bitcoins and make payments with same).

  toxmalware2

All scary stuff to be sure, and just the latest example of the importance of practicing great diligence before opening any file received, no matter the provider. And with education, thinking, and hard coding grunt work removed from the noxious practice of ransomware development...well, for those who haven't done so yet, now might be a very good time to finally work out the whole Bitcoin purchase thing.