Developing and distributing ransomware can be a very effective moneymaking enterprise if done properly. Capitalism rewards people who know how to profit from other people’s misery, so it can be an excellent opportunity for you.
The path to cyberattack riches seems simple.
Step one: Make something that can encrypt a HDD’s files with a 256-bit AES cipher.
Step two: Get a Bitcoin account.
Step three: Make a scary but easy-to-understand UI that makes your intentions clear, with a simple means to send Bitcoin to your account. Insert extra skull-and-crossbones graphics if necessary.
Step four: Find a simple exploit that affects at least 10% of all endpoints worldwide.
Step five: Make phishing emails, web vulnerability exploiting bots, Microsoft Word macros, whatever.
Step six: ?
Step seven: Profit!
But it’s not quite that simple. There are lots of malware researchers these days, and there are even more cybersecurity writers like myself. Unless you can obfuscate your code a la Stuxnet (a tall order if you don’t have a budget in the hundreds of millions of dollars) your code will be reverse engineered. That applies as much to scripts bought from the Dark Web as it does to code you’ve mainly written yourself. You’ve gotta use some of the same APIs, eh?
So that sort of news further popularizes the idea that paying your ransom is pointless.
Whoever developed WannaCry was very clever when they chose their exploit, but rather foolish with their code.
If you want to actually make BIG MONEY developing ransomware, focus on a means of decryption for your ransom payers.
That’s my advice for you. You’re welcome!
If you enjoyed my article, there are two ways that you can help me.
First, you can click on the little green heart to recommend my article.
Secondly, you can make a small donation to
my Patreon. Thank you!