Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Tox Ransomware dev calls it quits and looks for buyer for affiliate platform


  • Please log in to reply
38 replies to this topic

#1 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,676 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:42 AM

Posted 03 June 2015 - 01:47 PM

The developer of the Tox ransomware affiliate platform has decided to get out of the ransomware business and is looking to sell his affiliate platform. In a post on Pastebin, the dev named Tox, claims that he never expected his platform to gain so much attention and the heat is too much for him to handle. Tox further states that is selling his platform and if no one buys it, he will release the keys and automatically decrypt any victim's files.
 

tox-for-sale.jpg


It seems Skiddies are starting to realize the magnitude of what they have done and are looking to bail out before they go to jail. First it was the Locker Dev, known as Poka BrightMinds, who apologized and while releasing all of his victim's decryption keys. Now, it's Tox who is only going to release the keys if his greedy ass can't get a buyer. A humorous comment from Tox is:
 

It's been funny, I felt alive, more than ever, but I don't want to be a criminal.

The situation is also getting too hot for me to handle, and (sorry to ruin your expectations) I'm not a team of hard core hackers.

I'm just a teenager student.


Hate to say it Tox, but it's too late and you are already a criminal. You selling the platform will not change that.

All of these devs want a piece of the Ransomware pie, but then realize that this is high stakes and high visibility and want to get out. What people do not realize is that there is no such thing as a "hidden" ransomware. Once you create a program that encrypts people's files and ask for a payment, your program is in plain sight. Furthermore, once a security researcher discovers this they are going hawk your every move. Ultimately, it really is too bad as these are obviously bright people, but are only looking for the quick buck. Wouldn't it be amazing if they used their knowledge to create something truly useful?

The full Pastebin post is:
 

Dear users,

Just one month ago, in one instant, all what I've studied for months fused in one brilliant idea, which was then named Tox. I knew it was something new, something that was completely different from what was already there. I started designing the whole thing in my mind, then I started coding, reading documentations, testing software.

After two weeks of non-stop hard work, the platform was online.

A little more than a week ago, I started posting links around the deep web, in the hope somebody would have given Tox a try.
Things exploded.

Even before the website was ready to host users, the McAfee blog was featuring the article about this platform. The the number of the users started growing. From 20 to 50, from 50 to 100, it was doubling every day. Infections, with a little delay, started growing too.

In just one week, the platform counted over one thousand users and over one thousand infections, with an average of more than two hundreds of polling viruses per half-hour.

Yesterday, 2nd June 2015, I decided to quit.

Plan A was to stay quiet and hidden. Well, I think I screwed up.

It's been funny, I felt alive, more than ever, but I don't want to be a criminal.

The situation is also getting too hot for me to handle, and (sorry to ruin your expectations) I'm not a team of hard core hackers.

I'm just a teenager student.

Some have said I think out of the box, others said I'm a skid who just developed the worst ransomware ever. I think that both opinions may be true, but one thing is objectively true: with Tox, I opened a door for a whole new way of thinking. I'm sure that others will try to replicate what I did. Not just for bad reasons, maybe somebody (maybe myself?) will find out how to do something good based on all this.

One last thing: if I really was a team of hard core hackers, with time and resources, this would have become one the greatest viruses ever.

In these days, in the chat, people helped me testing and debugging the virus, but the most interesting part is that they suggested me how to improve it. I don't think that such a great brainstorming has ever happened in the process of designing a virus. Users were spurred to help me improving the platform, for their own good.

What's next? I'm selling all this out because even if I didn't, somebody would have developed his own Tox-like version.

I'm asking my users to be patient, I'm not going to scam you. In a few days I'll ask you a bitcoin address in the case somebody pays some of your ransoms. I'll forward you your part.

If nobody's going to buy the database, in one month I'm releasing the keys, and victims will have their files automatically unlocked.

My choices are not linked to the recent external events, I pondered all these choices on my own, for my own good.

Sincerily, Tox



BC AdBot (Login to Remove)

 


#2 Orange213

Orange213

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:42 PM

Posted 03 June 2015 - 01:51 PM

I would like to see the same from the creator of the CTB Locker, but I doubt that this will happen any time soon...



#3 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:42 AM

Posted 03 June 2015 - 01:54 PM

Another bunch of skids will bite the dust. Looks like someone from HF to be honest. Same way of talking, describing things, "projects", etc.

Edited by Aura., 03 June 2015 - 01:54 PM.

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#4 Grinler

Grinler

    Lawrence Abrams

  • Topic Starter

  • Admin
  • 43,676 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:42 AM

Posted 03 June 2015 - 01:59 PM

It's amazing how someone so smart can be so dumb.

#5 Cody Johnston

Cody Johnston

    Bleepin' Adware Hunter


  • Security Colleague
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:42 AM

Posted 03 June 2015 - 02:00 PM

The same info can be found in the FAQ as well: http://toxicola7qwv37qj.onion.city/

 

As well as some spelling mistakes....


Edited by Cody Johnston, 03 June 2015 - 02:00 PM.


#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:42 AM

Posted 03 June 2015 - 02:00 PM

I always thought that people like that were wasting their talent.

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#7 PuReinSAniTY

PuReinSAniTY

  • Members
  • 432 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:in a basement
  • Local time:10:12 PM

Posted 03 June 2015 - 05:49 PM

Imagine a world without ransomeware or malware...What a beautiful world it would be. You can just browse the internet doing what you want with not a care in the world...sadly it will never happen


they call me te java mayster


#8 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:42 AM

Posted 03 June 2015 - 06:11 PM

Well... if that world existed, there would be no reason for IT Security to exist or be such a developped domain and honestly it would make me a bit sad.

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#9 GT500

GT500

    Authorized Emsisoft Representative


  • Security Colleague
  • 137 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Fortville, Indiana, USA
  • Local time:07:42 AM

Posted 03 June 2015 - 06:27 PM

It's amazing how someone so smart can be so dumb.


There's a difference between knowing something and actually being intelligent. I've known people who could read tech articles, books, etc. all day and even recall the information and repeat it almost verbatim, but they didn't understand how the world around them works.

Granted I'm sure that most of us here already understand that knowing something is often irrelevant if you lack experience. A kid with no experience managed to find enough information and help to put together a ransomware and make it a serious threat to data security, but he lacked the experience to do it without putting himself at risk. Now he may spend the rest of his youth paying for that mistake, and while decrypting peoples' data for them may gain him some sympathy with a court it isn't going to buy him a reprieve from the punishment that awaits him.

For we wrestle not against flesh and blood, but against principalities, against powers, and against the worldly governors, the princes of the darkness of this world...


#10 PuReinSAniTY

PuReinSAniTY

  • Members
  • 432 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:in a basement
  • Local time:10:12 PM

Posted 03 June 2015 - 07:14 PM

Well... if that world existed, there would be no reason for IT Security to exist or be such a developped domain and honestly it would make me a bit sad.

 

But...it would be for the best, millions of dollars are being lost every week because of ransomware. Without ransomware the world would be a better place...


they call me te java mayster


#11 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:42 AM

Posted 03 June 2015 - 07:15 PM

Yes, a world without ransomware would do that, but in your first post you said without ransomware and malware hence why I replied that.

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#12 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:10:42 PM

Posted 03 June 2015 - 08:00 PM

The skid clearly doesn't feel that bad about the whole thing or he would release the keys and empty the bucket on the sand. He's still trying to take money from it... which makes him a criminal. He's just scared of getting caught. There is no remorse involved at all, if he could get away with it he would. Typical "money is god" scumbag.



#13 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:42 AM

Posted 03 June 2015 - 08:05 PM

Skids don't understand the consequences of their actions, they are terribly stupid in a way it's what makes them dangerous. They'll only stop once the threat is real.

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#14 PuReinSAniTY

PuReinSAniTY

  • Members
  • 432 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:in a basement
  • Local time:10:12 PM

Posted 03 June 2015 - 08:47 PM

That much is true...


they call me te java mayster


#15 herbman

herbman

  • Members
  • 416 posts
  • OFFLINE
  •  
  • Local time:08:42 AM

Posted 04 June 2015 - 03:07 AM

TsVk  got it exactly right .  This guy is clearly full of himself and has nothing to be full of himself about , he is a menace to society as a whole ,  and yes, he is already a criminal , congratulations Tox , idiot.  






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users