
[Heimdal] Security Alert: New and Cheap Stampado Ransomware for Sale on the Dark Web

post #1 of 22
Thread Starter 
Quote:
Security Alert: New and Cheap Stampado Ransomware for Sale on the Dark Web

The ransomware market is booming and evidence to this is, unfortunately, abundant.
And because cryptoware is such a big segment of the malware economy, malware creators have to constantly release new “products” to keep their clients engaged and the money flowing.
Here’s just how a new ransomware family gets advertised on the forums where cyber criminals come to do their shopping.

Enter the new Stampado ransomware


You may not have heard of it, yet, but the odds are that it will soon be all over the news.
Stampado is a new ransomware family promoted through aggressive advertising campaigns on the Dark web.
Its creators are probably aiming to appeal to as many buyers as possible by pricing it well below their competitors in the ransomware-as-a-service market: just $39 for a lifetime license!
The sales pitch is straightforward and very enthusiastic:
Newest Ransomware in market!
———————————
Stampado Ransomware
———————————
You always wanted a Ransomware but never wanted two pay Hundreds of dollars for it?
– This list is for you! 🙂
——————————————————————————————————-
Stampado is a cheap and easy-to-manage ransomware, developed by me and my team.
It’s meant two be really easy-to-use. You’ll not need a host. All you will need is an email account.
The rest of the ad follows the same approach.
The basic details provided in the advertisement indicate that Stampado has roughly the same functionality as CryptoLocker and other similar ransomware.
Another part of the advertisement emphasizes the flexibility that Stampado offers:
The file can be sent in the following formats: exe, bat, dll, scr, and cmd.
You can also use binders, packers and crypters (although it’s FUD – do NOT send it to VirusTotal or other online AV sites because they distribute it to AV companies – even when they say that they don’t. Prefer scanning yourself).
Once it infects a computer, Stampado will add the extension “.locked” to all kidnapped files.
Here is a printscreen of the cyber criminals’ ad on the Dark web, which underlines the key benefit:
Price is ONLY $ 39 for LIFETIME LICENSE!
Taking it one step further, the creators behind Stampado have even uploaded a presentation video to Youtube, showing it in action:

A few extra details are mentioned in the video:
Stampado doesn’t need administrator privileges to infect computers (most ransomware don’t need system permissions to encrypt the data)
It gives the victims 96 hours to pay the ransom
And it includes an additional social engineering trick: if the ransom isn’t paid, Stampado will delete a random file from the victim’s PC every 6 hours.
Although we know it’s wishful thinking, we can only hope that this ransomware family won’t spread to affect too many users. Unfortunately, given the details we just mentioned, the opposite might just happen.
The wisest thing that any user and organization can do is understand how ransomware acts and spreads, going beyond data encryption.
Once you’ve finally had that “a-ha!” moment, you’ll understand why anti-ransomware protection is important and why data back-ups are a must-have!

https://heimdalsecurity.com/blog/security-alert-stampado-ransomware-on-sale/


Also in:

http://news.softpedia.com/news/new-stampado-ransomware-advertised-on-the-dark-web-for-only-39-506272.shtml

Youtube promo video:

https://www.youtube.com/watch?time_continue=10&v=kOp3qqjUUZc

^ Shouldn't Youtube DISALLOW such videos by the way?


I must say, mass campaigning for customized ransomware with lifetime license for 39$ is really good! Any half-baked cyber criminal can buy it and start manually infecting the PCs of his friends and relatives with a USB stick and then wait to see how much he can cash in...


What's next? Subscription model for ransomware? "We are committed to provide our malware customers with the best ransomware there is, trashing antivirus and cutting through them like butter."


EDIT: And here are programs that provide better protection than antivirus (because the authors test them against antivirus):

http://www.overclock.net/t/1318995/official-fx-8320-fx-8350-vishera-owners-club/60210#post_25166015
Edited by Undervolter - 7/13/16 at 1:08pm
post #2 of 22
What do you mean "now"? Malware has been sold for years already. This is nothing new.
post #3 of 22
Thread Starter 
Quote:
Originally Posted by xxdarkreap3rxx View Post

What do you mean "now"? Malware has been sold for years already. This is nothing new.

The "new" is that they are selling you customized malware with "lifetime license" and for cheap and they aren't even shy of making ad campaign for it.

I know that they've been selling. I had once met "Tataye", author of the "Beast", who was also selling custom versions. But he was much more shy and you had to seek him, he wasn't coming out with ads or anything. And he had no "lifetime license" for 39$.

More interestingly, they offer 5 different file types. For example, knowing that antiviruses mainly concentrate on exes, you'd get the best for your money ordering one of the other 4.
Edited by Undervolter - 7/13/16 at 11:46am
post #4 of 22
Quote:
Originally Posted by Undervolter View Post

The "new" is that they are selling you customized malware with "lifetime license" and for cheap and they aren't even shy of making ad campaign for it.

I know that they've been selling. I had once met "Tataye", author of the "Beast", who was also selling custom versions. But he was much more shy and you had to seek him, he wasn't coming out with ads or anything. And he had no "lifetime license" for 39$.

Customized malware is nothing new. lol @ "lifetime" license.
post #5 of 22
^^^
post #6 of 22
Thread Starter 
Quote:
Originally Posted by xxdarkreap3rxx View Post

Customized malware is nothing new. lol @ "lifetime" license.

Yeah, but there is a limit of how much info i can put on a title and i have to find a catchy title too. These guys, even make promo videos and have a "company like" "license theme". Which honestly, for 39$ it's a steal. Lifetime license, means that as long as they can code it in a way that an antivirus can't detect it, technically (if you trust their word), you are entitled to new version. Which is an awesome deal.

Quote:
P.S.: I am no longer active security forum member, but i was for 16 years. I've spoken with malware writers and i know how dangerous they can be, because they even sell "custom malware versions" tailored for you (on payment), guaranteed that no AV can detect them. Also, you don't need to tell me about ways of infections, as i was registered in "offensivecomputing", before it was renamed to OpenMalware and i was getting all the latest and greatest malware, hot out of the oven from there and i was running them on my own to see their behaviour and program effectiveness against them.

http://www.overclock.net/t/1598752/inforworld-its-time-for-microsoft-to-fix-the-windows-7-update-slowdowns/130#post_25191463

The Beast, was XP era trojan, capable of killing antivirus too. So yes, custom malware is old. But not this way.
post #7 of 22
Quote:
Originally Posted by Undervolter View Post

Yeah, but there is a limit of how much info i can put on a title and i have to find a catchy title too. These guys, even make promo videos and have a "company like" "license theme". Which honestly, for 39$ it's a steal. Lifetime license, means that as long as they can code it in a way that an antivirus can't detect it, technically (if you trust their word), you are entitled to new version. Which is an awesome deal.
The Beast, was XP era trojan, capable of killing antivirus too. So yes, custom malware is old. But not this way.

Normally people copy and paste the article's title instead of creating their own clickbait titles ¯\_(ツ)_/¯
post #8 of 22
Thread Starter 
Quote:
Originally Posted by xxdarkreap3rxx View Post

Normally people copy and paste the article's title instead of creating their own clickbait titles ¯\_(ツ)_/¯

I prefer being creative. My title adds the information about being customized and is less boring. It's good for malware awareness. I got you to read it, didn't i? This means that others less aware will too. If it was just yet another ransomware, maybe less would bother. One ransomware amongst many others...
post #9 of 22
It's more interesting when members and staff alter titles to push a narrative, than the article itself.
    
post #10 of 22
I don't know what's worse. The criminals who create malware or the idiots that are dumb enough to install it. Hey guys I have this brand new "codec pack" that plays every video known to man! Want a copy? Also here's a torrent to download Windows 11