For Sale: Cheap DIY Cyber Crime Kits

Uploaded on 2025-04-21 in TECHNOLOGY--Hackers, GOVERNMENT-Law Enforcement, FREE TO VIEW

Cheap ransomware is being sold for one-time use on the Dark Web, allowing the most inexperienced amateur criminals  to get involved with cyber crime without any direct interaction with the makers.

Some of these kits that enable  criminals with minimal tech skills to deploy malware  to steal personal information, carry out identity theft and access bank accounts, are available for less than $25.

Such malware infections can lead to the complete loss of device control, enabling cyber criminals to steal files, encrypt sensitive data, or launch ransomware attacks. 

Furthermore, subscription-based Phishing as a Service (PhaaS) is also on the rise, with these services handle everything from hosting to victim targeting.

In 2024 the most commonly impersonated brands in phishing attacks were Google, Facebook, and Microsoft, and  fake URLs imitating these popular platforms are a primary method for cyber criminals to harvest credentials.
Nearly 85,000 fake Google URLs were discovered in 2024.

In the same way, .exe, .zip, .php, .dll and .pdf were the riskiest file extensions when downloading unverified content. Video hosting, entertainment and sports, meanwhile, were the domain categories with the most malware.

Now, research from Barracuda Networks reveals that the first quarter of this year showed a massive spike in phishing, with more than a million attacks detected by the firm's systems in January and February.

#Tycoon 2FA was the most prominent platform, accounting for 89% of incidents in January 2025. Next came EvilProxy, with a share of 8%, followed by a new contender, Sneaky 2FA, with a 3% share of attacks.

To stay safe from this growing threat, users are advised to enable multifactor authentication, to constantly check suspicious links for miss-spellings or inconsistencies before clicking on unverified links and to avoid free video hosting sites, 

Barracuda    |    Sophos   |     ITPro   |   The Record  |    HelpNetSecurity 

Image: PashaIgnatov

You Might Also Read: 

AI-Based Phishing Attacks Demand A Multi-Pronged Response:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 


 

« The Geostrategic Battle Over Semiconductor Chips Just Got Bigger
Fraud Is Dominating Cyber Insurance Claims »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Spiceworks

Spiceworks

Spiceworks provide a range of free apps for IT professionals including network inventory, network monitor, and help desk.

GTB Technologies

GTB Technologies

GTB Technologies is a cyber security company that focuses on providing enterprise class data protection and data loss prevention solutions.

Cyber Security Expo

Cyber Security Expo

Cyber Security EXPO is a unique one day recruitment event for the cyber security industry.

Maven Technologies

Maven Technologies

Maven Technologies specialize in secure data destruction, electronics recycling, asset management, and highly detailed reporting.

Cyber Science

Cyber Science

Cyber Science is the flagship conference of C-MRiC, focusing on pioneering research and innovation in Cyber Situational Awareness, Social Media, Cyber Security and Cyber Incident Response.

Crypsis

Crypsis

Crypsis was built based on a shared vision of creating a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services.

LogicHub

LogicHub

LogicHub is built on the principle that every decision process for threat detection and response can and should be automated.

Nominet

Nominet

Nominet's cyber division offers network detection and response services to governments and enterprises worldwide.

Wontok

Wontok

Wontok deliver innovative value-added data security services that fill the gaps left in traditional security solutions.

OriginalMy

OriginalMy

OriginalMy is a cybersecurity startup, focussed on digital governance and information authentication. Its mission is to prove authenticity using state-of-the-art cryptography and blockchain technology

TrustGrid

TrustGrid

Trustgrid is a pioneer and leader in secure, cloud-native software-defined connectivity.

Otava

Otava

Otava is a global leader of secure, compliant hybrid cloud and IT solutions for service providers, channel partners and enterprise clients.

Phylum

Phylum

Phylum provides powerful, automated software supply chain risk analysis that protects organizations, defends developers and enables secure innovation.

Incyber

Incyber

Incyber is a fully integrated network and cybersecurity solutions provider contracted to safeguard public and private enterprise, high value data and sensitive industries.

Security Compliance Associates (SCA)

Security Compliance Associates (SCA)

The sole focus of SCA is safeguarding critical information and complying with information security regulations.

AUCyber

AUCyber

AUCyber is a leading provider of managed cyber security solutions and consultancy services, specialising in supporting Australian organisations and Government agencies.