Article Lead Image

Niels Heidenreich/Flickr (CC BY SA 2.0)

Teen who created a new way to take your computer hostage calls it quits

He's not ready to take on the FBI.


Joseph Cox

Internet Culture

Posted on Jun 4, 2015   Updated on May 28, 2021, 4:17 pm CDT

The life of a cybercriminal isn’t for everyone. While some appear to get way too deep into a world they’re not native too, like Ross Ulbricht, the convicted operator of Silk Road, others are professional fraudsters who know how to play the game and survive. 

Now, another person is finding it all too much: the creator of the free ransomware black market Tox has decided to shut up shop before law enforcement catch up with him.

Usually when it comes to ransomware, a type of computer virus that encrypts all the files on a device until the victim pays a fee, distributing the software can take time and resources. A hacker might need to send thousands of emails until one victim downloads the virus and infects their computer. But Tox, a recently launched site on the Dark Net, had a genius solution: Release the ransomware for free so anybody could spread it as they see fit, and then split the profits between the virus’ creator and its distributors. It was essentially crowdsourced cybercrime, and a truly novel way to getting as many people as possible to fall victim to your malware.

“I’m pretty sure I’ve made no mistakes, but this project just got bigger than me.”

“I knew it was something new, something that was completely different from what was already there,” the malware’s creator, who also goes by the handle Tox, wrote on his site.

Shortly after the malware was released last month, it infected over 1,000 machines, Tox told the Daily Dot in an encrypted message. “Things exploded,” Tox added on his site.

Then on Tuesday, Tox decided to quit. The pressure had gotten too much.

“It’s not good for a teenager to find himself in such a stressing situation,” Tox said. “I’m pretty sure I’ve made no mistakes, but this project just got bigger than me.”

Earlier this week, the owner of another piece of ransomware ostensibly had a change of heart and released the decryption keys for his victims, although the motivation for such a move remains unclear.

Tox, meanwhile, had allegedly been receiving threatening emails. These included one from a hacker saying that Tox had “stumbled into a team of researchers you do not want to be on the other side of.”

Another hacker The Daily Dot spoke to via encrypted chat claimed to have broken into the Tox site’s server before it was taken offline and was selling its corresponding data. Tox denies that his site was hacked or that this is the motivation for him quitting.

Instead, Tox claims, it is the threat of law enforcement that is making him pull the plug.

“If I have some random hackers following me it’s ok, no panic. But if FBI or agencies that big start chasing me, who am I to fight back?” he said.

The ransomware project itself still might not go to waste. Tox is selling the site, the malware code, and the database containing the details of the already infected victims to the highest bidder, and he has already received a number of offers, he said. And if no one buys the platform, Tox claims he will decrypt the files of all current victims.

Even though this site was only short lived, the idea of a crowdsourced approach to malware distribution is now out there for whomever wants to pick up the torch.

Photo via Niels Heidenreich/Flickr (CC BY SA 2.0)

Share this article
*First Published: Jun 4, 2015, 5:26 pm CDT