For Sale: Cheap DIY Cyber Crime Kits

Uploaded on 2025-04-21 in TECHNOLOGY--Hackers, GOVERNMENT-Law Enforcement, FREE TO VIEW

Cheap ransomware is being sold for one-time use on the Dark Web, allowing the most inexperienced amateur criminals  to get involved with cyber crime without any direct interaction with the makers.

Some of these kits that enable  criminals with minimal tech skills to deploy malware  to steal personal information, carry out identity theft and access bank accounts, are available for less than $25.

Such malware infections can lead to the complete loss of device control, enabling cyber criminals to steal files, encrypt sensitive data, or launch ransomware attacks. 

Furthermore, subscription-based Phishing as a Service (PhaaS) is also on the rise, with these services handle everything from hosting to victim targeting.

In 2024 the most commonly impersonated brands in phishing attacks were Google, Facebook, and Microsoft, and  fake URLs imitating these popular platforms are a primary method for cyber criminals to harvest credentials.
Nearly 85,000 fake Google URLs were discovered in 2024.

In the same way, .exe, .zip, .php, .dll and .pdf were the riskiest file extensions when downloading unverified content. Video hosting, entertainment and sports, meanwhile, were the domain categories with the most malware.

Now, research from Barracuda Networks reveals that the first quarter of this year showed a massive spike in phishing, with more than a million attacks detected by the firm's systems in January and February.

#Tycoon 2FA was the most prominent platform, accounting for 89% of incidents in January 2025. Next came EvilProxy, with a share of 8%, followed by a new contender, Sneaky 2FA, with a 3% share of attacks.

To stay safe from this growing threat, users are advised to enable multifactor authentication, to constantly check suspicious links for miss-spellings or inconsistencies before clicking on unverified links and to avoid free video hosting sites, 

Barracuda    |    Sophos   |     ITPro   |   The Record  |    HelpNetSecurity 

Image: PashaIgnatov

You Might Also Read: 

AI-Based Phishing Attacks Demand A Multi-Pronged Response:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 


 

« The Geostrategic Battle Over Semiconductor Chips Just Got Bigger

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

OneLogin

OneLogin

OneLogin simplifies identity management with secure, one-click access,for employees, customers and partners, through all device types, to all enterprise cloud and on-premise applications.

Global Learning Systems (GLS)

Global Learning Systems (GLS)

Global Learning Systems provides security awareness and compliance training programs for employees that effectively promote behavior change and protect your organization.

DNV

DNV

DNV are the independent expert in assurance and risk management. We deliver world-renowned testing, certification and technical advisory services.

K2 Integrity

K2 Integrity

K2 Integrity is a preeminent risk, compliance, investigations, and monitoring firm - built by industry leaders to safeguard our clients’ operations, reputations, and economic security.

Very Good Security (VGS)

Very Good Security (VGS)

VGS is the modern approach to data security. Our SaaS solution gives you all the benefits of interacting with sensitive and regulated data without the liability of securing it.

Desec Security

Desec Security

Desec's training platform allows professionals around of the world to acquire knowledge and practical experience in Information Security.

Cyber Security Jobs

Cyber Security Jobs

Cyber Security Jobs was formed to help job seekers find jobs and recruiters fill cyber security job vacancies.

Global Incubator Network Austria (GIN Austria)

Global Incubator Network Austria (GIN Austria)

GIN Austria is the connecting link between Austrian and international startups, investors, incubators and accelerators with a focus on selected hotspots in Asia.

NETRIO

NETRIO

If you are looking for a highly mature, exceptionally competent Managed Service Provider, NETRIO has solutions to keep your business running at warp speed with zero disruptions.

Panacea Infosec

Panacea Infosec

Panacea Infosec is a leading provider of information security compliance services. We help our clients in protecting their data, reducing security risks and fighting cybercrime.

HiddenLayer

HiddenLayer

HiddenLayer is a provider of security solutions for machine learning algorithms, models and the data that power them.

Approov

Approov

Approov provides a comprehensive runtime security solution for mobile apps and their APIs, unified across iOS and Android.

inWebo

inWebo

inWebo is the specialist in multi-factor strong authentication (MFA). We guarantee the security of data and identities in a digital world with increasingly important economic and political stakes.

APCERT

APCERT

APCERT cooperates with CERTs and CSIRTs to ensure internet security in the Asia Pacific region, based around genuine information sharing, trust and cooperation.

Focus Group

Focus Group

Focus Group are one of the UK’s leading independent providers of essential business technology. Here to take care of all your telecoms, IT and connectivity services.

EyBrids

EyBrids

As a forward-thinking cybersecurity consulting firm, we believe that robust security is the foundation for innovation and growth in today’s digital landscape.