SITUS INI MENAWARKAN BAGI HASIL 70-30 UNTUK PENYEBARAN VIRUS RANSOMWARE
Sebuah website di deepweb menawarkan penggunanya untuk pembuatan
dan penyebaran virus Ransomware ke komputer dengan basis Windows. Pemilik
website ini mengklaim virus buatannya mampu memblokir seluruh file komputer
yang terjangkit. Untuk membuka file tersebut pemilik komputer diminta untuk membayar sejumlah Bitcoin. Pemilik website kemudian menawarkan pengunjungnya untuk ikut
menyebarkan virus tersebut dengan berbagi keuntungan 70-30 Bitcoin.
"The malware works as advertised." kata McAfee.
FYI bagi yang belum tahu: Bitcoin adalah mata uang yang biasa
diprgunakan untuk berbelanja di deepweb agar transaksinya tidak terlacak.
Nama website tersebut adalah Tox yang beralamat di http://toxicola7qwv37qj.onion
(harus dibuka dengan menggunakan jaringan TOR).
Berikut adalah Screenshot Website tersebut dan
keterangan bagi pengujung yang mau ikut serta dalam penyebaran virus tersebut.
 |
| Halaman depan Situs Tox |
What is
Tox?
We developed a virus which, once opened in a Windows
OS, encrypts all the files. Once this process is completed, it displays a message
asking to pay a ransom to a bitcoin address to unlock the files.
How do I
make money with Tox?
You can subscribe (no mail or other shit needed) and
create your virus. You will have to decide the ransom to unlock the files. Once
you have downloaded your virus, you have to infect people (yes, you can spam
the same virus to more people). How? That’s your part. The most common practice
to spam it as a mail attachment. If you decide to follow this method be sure to
zip the file to prevent antivirus and antispam detection. The most important
part: the bitcoin paid by the victim will be credited to your account. We will
just keep a 30% fee of the income, so if you specify a 100$ ransom, you will
get 70$ and we’ll get 30$, isn’t this fair?
F.A.Q.
Are you
serious?
Yes, why not? This is the best way for us to infect
a lot of people and make a lot of money.
Sure, as long as you use tor and don’t use personally
identifiable information: we don’t need to know you, and you don’t need to know
us. The only thing we’ll ask you is the bitcoin address to withdraw your part.
Are you
going to steal my profit?
Nope, why should we? The best way for us to make
money is having you helping us.
Then why
aren’t you spreading the virus yourself?
We are! But with you, we’re going to have a bigger
income.
Why is the
file a .scr?
Because in this way people will not suspect anything
(who knows what is a .scr?). If you wish, you can change it to .exe it’ll work
the same.
How does
the virus look?
Sexy. The virus has a .src extension (same as .exe
files) and it has the icon of a word document, so the victim wont be suspecting
anything.
Will you
actually decrypt the files once the ransom is
paid?
Yes, we will. We want people to trust us, so that more
people will pay the ransom.
How dow I
withdraw the money?
In the virus section you can monitor the status of
all your viruses. When you have bitcoins to withdraw, just enter your address
and press the Withdraw button.
Saya tidak meneruskan membuka situs tersebut, hanya sampai halaman depan saja. Gak niat, atau lebih condong ke 'Tidak berani' :-D
Untuk melihat cara kerja dan registrasi virus ini silahkan kunjungi blog.McAfee: https://blogs.mcafee.com/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
 |
| Sumber gambar: Blog McAfee |
Demikian sekelumit perjalanan saya ke deepweb malam ini. Semoga kita lebih hati-hati dan dilindungi dari kejahatan virus yang terkutuk... :-)
BTW, apakah anda tertarik untuk menjadi agen penyebar virus... :-D
Salam.
0 Response to "SITUS INI MENAWARKAN BAGI HASIL 70-30 UNTUK PENYEBARAN VIRUS RANSOMWARE"
Post a Comment