For Sale: Cheap DIY Cyber Crime Kits

Uploaded on 2025-04-21 in TECHNOLOGY--Hackers, GOVERNMENT-Law Enforcement, FREE TO VIEW

Cheap ransomware is being sold for one-time use on the Dark Web, allowing the most inexperienced amateur criminals  to get involved with cyber crime without any direct interaction with the makers.

Some of these kits that enable  criminals with minimal tech skills to deploy malware  to steal personal information, carry out identity theft and access bank accounts, are available for less than $25.

Such malware infections can lead to the complete loss of device control, enabling cyber criminals to steal files, encrypt sensitive data, or launch ransomware attacks. 

Furthermore, subscription-based Phishing as a Service (PhaaS) is also on the rise, with these services handle everything from hosting to victim targeting.

In 2024 the most commonly impersonated brands in phishing attacks were Google, Facebook, and Microsoft, and  fake URLs imitating these popular platforms are a primary method for cyber criminals to harvest credentials.
Nearly 85,000 fake Google URLs were discovered in 2024.

In the same way, .exe, .zip, .php, .dll and .pdf were the riskiest file extensions when downloading unverified content. Video hosting, entertainment and sports, meanwhile, were the domain categories with the most malware.

Now, research from Barracuda Networks reveals that the first quarter of this year showed a massive spike in phishing, with more than a million attacks detected by the firm's systems in January and February.

#Tycoon 2FA was the most prominent platform, accounting for 89% of incidents in January 2025. Next came EvilProxy, with a share of 8%, followed by a new contender, Sneaky 2FA, with a 3% share of attacks.

To stay safe from this growing threat, users are advised to enable multifactor authentication, to constantly check suspicious links for miss-spellings or inconsistencies before clicking on unverified links and to avoid free video hosting sites, 

Barracuda    |    Sophos   |     ITPro   |   The Record  |    HelpNetSecurity 

Image: PashaIgnatov

You Might Also Read: 

AI-Based Phishing Attacks Demand A Multi-Pronged Response:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 


 

« The Geostrategic Battle Over Semiconductor Chips Just Got Bigger
Fraud Is Dominating Cyber Insurance Claims »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

A10 Networks

A10 Networks

A10 Networks is a leader in application networking, helping organizations of all sizes to accelerate, optimize and secure their applications.

QASymphony

QASymphony

QASymphony software testing and QA tools help companies create better software by improving speed, efficiency and collaboration during the testing lifecycle.

Planit Testing

Planit Testing

Planit is a leader in Quality Assurance and a specialist in software testing and training services.

Northwave

Northwave

Northwave offers an Intelligent combination of cyber security services to protect your information.

Semperis

Semperis

Semperis is an enterprise identity protection company that enables organizations to quickly recover from accidental or malicious changes and disasters that compromise Active Directory.

Deep Mirror Automotive Cybersecurity

Deep Mirror Automotive Cybersecurity

Deep Mirror Automotive Cybersecurity make Cars & Infrastructures Cybersecure.

Invest Ottawa

Invest Ottawa

The IO Accelerator Program is designed to rapidly and systematically accelerate the development and commercial success of high growth technology firms.

Ensighten

Ensighten

Ensighten is a leader in Website Security & Privacy Compliance. Protect your website from malicious attacks, monitor & detect vulnerabilities, protect consumer data.

SubRosa Cyber Solutions

SubRosa Cyber Solutions

SubRosa Cyber Solutions solves its clients’ most tenacious information security, risk and compliance challenges through a multitude of information technology services and expertise.

Kintent

Kintent

With Kintent, compliance becomes a habit, is simple to understand and achieve, and is continuously testable so that your customers can see that you are adhering to all your trust obligations.

Xopero Software

Xopero Software

Xopero Software develops a comprehensive range of professional tools for protecting and restoring critical business data.

Involta

Involta

Involta orchestrates IT transformation journeys using well-defined and rigorous processes to deliver hybrid cloud solutions, consulting and data center services tailored to our clients’ needs.

Verichains

Verichains

Verichains Lab is a pioneer and leading APAC blockchain security firm with extensive expertise in the areas of security, cryptography and core blockchain technology.

Ping Identity

Ping Identity

At Ping Identity, we believe in making digital experiences both secure and seamless for all users, without compromise. That’s digital freedom.

SquareX

SquareX

Squarex secures your online activities without compromising productivity.

ProvenRun

ProvenRun

ProvenRun is a leading provider of trusted software solutions with extensive expertise and an unwavering commitment to security.

Trustmi

Trustmi

Trustmi is a leading fintech cybersecurity solution designed to prevent financial losses from fraud and errors, 24/7.

CyVent

CyVent

CyVent helps you select the right cybersecurity solutions at the right price for your unique situation, without the need to invest endless time evaluating the ever-evolving options.