According to recent announcment, a group of hackers has taken action to sell “inc ransom” encryption ransomware source code. This sale includes the AES-CTR-128, Curve25519-Donna encryption algorithms and panel source code. This ransomware operate on both Windows and Linux operating systems using the IOCP infrastructure. Additionally, there are specially compiled versions for ESXi and other popular virtualization platforms.
Allegedly, while the user interface of the software is developed using React, the backend is built with Node.js and TypeScript. All components are packaged in Docker containers and can be deployed with a single command.
This situation raises concerns about ransomware attacks. It is predicted that in the coming days, new variants from the INC Ransomware group will emerge, increasing their attacks. Daily dark web researchers warn that such source code auctions could contribute to the spread of cybercrime. The timing of this sale, coming after the clash between Lockbit and NCA, is also surprising.
Additional, The price for this source code is set at $300,000.
