‘Junk gun’ ransomware: Peashooters can still pack a punch
In the 1960s and ’70s, the US firearms market saw an influx of cheaply-made, imported handguns. Legislators targeted the proliferation of these inexpensive and frequently unreliable weapons, ostensibly because they were believed to pose a risk to their owners and facilitate criminality. This was not an issue unique to the US or to that time period, of course; in the UK, where handguns are now strictly regulated, criminals often resort to reactivated, or even home-made or antique, firearms.
Despite ‘junk guns’ often being inaccurate and prone to malfunction, purchasing or creating them does have advantages for a would-be criminal. Such weapons are unlikely to be on law enforcement’s radar, and can be difficult to trace. They tend to be cheap, lowering the cost of entry to illicit ownership and usage. And they can often be made or obtained without needing access to extensive criminal networks.
During a recent investigation into several underground cybercrime forums – particularly those frequented by lower-skilled threat actors – Sophos X-Ops discovered something interesting: a ransomware equivalent to junk guns.
/https://public-media.si-cdn.com/filer/a3/17/a31738aa-3394-4f35-b77c-cf537f6fb17c/gettyimages-579860044_web.jpg)
/cdn.vox-cdn.com/uploads/chorus_asset/file/25429532/TAO.jpg)
