It’s Cheap, It’s Easy, It’s Dangerous: Karmen Ransomware Hits the Criminal Black Market
By Amanda McKeon on April 24, 2017
Over the last two years, ransomware has become the hottest commodity in the criminal black market. And we do mean commodity — it’s getting cheaper and more accessible to crooks, even the unskilled ones.
On March 4 of this year, a leading cyber criminal, who goes by the name “Dereck1,” mentioned that there was a new ransomware variant out called “Karmen.” But Dereck1 wasn’t the one hawking this in the criminal market. Instead, it’s a Russian speaker who goes by the name of “DevBitox.”
The first infections seem to go back to December of 2016, with victims in Germany and the United States reporting infection. DevBitox is no cryptographic ace — by his own admission, he was involved only with web development and control panel design, the criminal customer’s user experience. But Karmen is interesting not only because it’s dangerous, but because it’s cheap, and because it affords some insight into the way criminal markets function. Joining us to talk about Karmen is Andrei Barysevich, Director of Advanced Collection at Recorded Future.