Stampado Ransomware Starts Deleting Files If No Payment Is Made

A nasty new variant of ransomware known as Stampado is being actively promoted on the dark web, researchers at Heimdal Security have warned, with a lifetime licence costing as little as $39 (£29.15).

What makes this particular family such a nasty variant of ransomware, is that it is being touted as easy to use and manage, with no need for a host, only an email address.

Deletion Deadline

The creators even offer potential clients a promotional video of Stampado on Youtube, detailing some of its features.

For example, Stampado does not require administrator privileges to infect computers.

But even worse is the fact that victims have just 96 hours to pay the ransom. If the sum isn’t paid, Stampado will delete a random file from the victim’s PC every 6 hours.

“Cryptoware is such a big segment of the malware economy, malware creators have to constantly release new “products” to keep their clients engaged and the money flowing,” said Heimdal Security.

“Although we know it’s wishful thinking, we can only hope that this ransomware family won’t spread to affect too many users. Unfortunately, given the details we just mentioned, the opposite might just happen.

“The wisest thing that any user and organisation can do is understand how ransomware acts and spreads, going beyond data encryption. Once you’ve finally had that ‘a-ha!’ moment, you’ll understand why anti-ransomware protection is important and why data back-ups are a must-have!”

The discovery of Stampado comes after another nasty piece of malware was revealed this week. Cisco’s Talos Labs uncovered malware that poses as ransomware, which actually just deletes your files even if the ransom is paid.

That malware, which has been dubbed ‘Ranscam’, follows the conventional ransomware route by infecting a computer, encrypting the files, and then demanding a payment to unlock them.

Profitable Business

Ransomware unfortunately is a profitable business for criminals. SentinelOne researchers discovered last month that a new version of the CryptXXX family of ransomware had netted payments of about £26,000 during a period of less than three weeks.

And there is little doubt that ransomware is a huge threat nowadays, and it has hit all types of organisations including hospitals and even NASCAR racing teams. ESET has previously warned that the UK was being heavily targeted by ransomware.

Earlier this year the gang behind the TeslaCrypt ransomware shut down their criminal operation and apologised. The gang also handed over the universal master decryption key to the malware to security researchers ESET.

Are you a security pro? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

US Finalises Billions In Awards To Samsung, Texas Instruments

US finalises $4.7bn award to Samsung Electronics, $1.6bn to Texas Instruments to boost domestic chip…

8 hours ago

OpenAI Starts Testing New ‘Reasoning’ AI Model

OpenAI begins safety testing of new model o3 that uses 'reasoning' process to ensure reliability…

8 hours ago

US ‘Adding Sophgo’ To Blacklist Over Link To Huawei AI Chip

US Commerce Department reportedly adding China's Sophgo to trade blacklist after TSMC-manufactured part found in…

9 hours ago

Amazon Workers Go On Strike Across US

Amazon staff in seven cities across US go on strike after company fails to negotiate,…

9 hours ago

Senators Ask Biden To Extend TikTok Ban Deadline

Two US senators ask president Joe Biden to delay TikTok ban by 90 days after…

10 hours ago

Journalism Group Calls On Apple To Remove AI Feature

Reporters Without Borders calls on Apple to remove AI notification summaries feature after it generates…

10 hours ago