Tox Is a Free Ransomware Creator from Deep Web

TOX Ransomware

Tox is a ransomware toolkit from the deep web, which allows anyone to create a ransomware for free. Tox makers developed a virus which, once opened in a Windows OS, encrypts all the files. Once this process is completed, it displays a message asking to pay a ransom to a bitcoin address to unlock the files. All you need to do is create a simple account, without any email address for additional anonymity, at toxicola7qwv37qj.onion.


Tox Ransomware – Sign Up Page

Create a Ransomware

After registration user chooses an amount of ransom minimum of $50 add a note if desired and click create,

tox ransomware creator

Tox Ransomware Creator

Once user has downloaded your virus, he/she has to infect other people. When infected with ransomware victims hard drive will be fully encrypted. Tox doesn’t provide detailed information on how to spread this ransomware but gives a best practice advice:

The most common practice to spam it as a mail attachment. If you decide to follow this method be sure to zip the file to prevent antivirus and antispam detection.

The most important part is that, the bitcoin paid by the victim will be credited to users account. Tox will keep a 30% fee of the income.

After downloading the file will look similar to this:

tox ransomware

Tox Ransomware – .src extenion

 As it seems tox ransomware is a new breed of malware as a service allowing anyone to earn Bitcoins without requiring any hacking or programming skills. Thus creating a new trend of malware spreading.

Check out our article about the Best Ransomware Removal in order to stay protected,

Tox is currently detected by following anti malware software:

ALYac Gen:Variant.Kazy.621112 20150526
AVG Downloader.Generic14.XRQ 20150526
Ad-Aware Gen:Variant.Kazy.621112 20150526
Avira TR/Downloader.Gen 20150526
BitDefender Gen:Variant.Kazy.621112 20150526
Emsisoft Gen:Variant.Kazy.621112 (B) 20150526
F-Secure Gen:Variant.Kazy.621112 20150526
GData Gen:Variant.Kazy.621112 20150526
Kaspersky Trojan-Ransom.Win32.Toxic.a 20150526
MicroWorld-eScan Gen:Variant.Kazy.621112 20150526
Panda Trj/Genetic.gen 20150525

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.