Cybercriminals have another easy-to-use ransomware kit to add to their arsenals , thanks to a new variant called Karmen that hackers can buy on the black market for $ 175 . A Russian-speaking user called DevBitox has been advertising the ransomware in underground forums , security firm Recorded Future said in a blog post on Tuesday . Karmen is what experts call ransomware-as-a-service -- a particularly worrisome trend . Amateur hackers with little technical know-how can buy access to them , and in return , they ’ ll receive a whole suite of web-based tools to develop their own ransomware attacks . In Karmen 's case , it offers an easy-to-use dashboard interface . Buyers can modify the ransomware , view what machines they 've infected , and see how much they ’ ve earned . To spread ransomware , hackers will often rely on spam emails with an attachment or a link to a website that contains malicious coding . Once it infects a computer , the ransomware will then encrypt the files hosted inside . To release the files , victims will have to pay up Attack.Ransom , usually in bitcoin . DevBitox , one of the developers behind Karmen , has posted messages in various forums saying that Russian and English language versions of the ransomware-as-a-service are available . The dashboard to the Karmen ransomware-as-a-service . So far , the hacker has sold 20 copies of Karmen , according to Recorded Future , which noted that the first infections of the ransomware variant occurred as early as December in Germany and the U.S . The $ 175 fee is a one-time upfront payment , said Andrei Barysevich , a director at Recorded Future . “ This lowers the barrier for other criminals to carry out ransomware attacks Attack.Ransom , and allows buyers to retain 100 percent of payments from their infected victims , ” he added . However , victims hit Attack.Ransom with the Karmen ransomware have recourse . That ’ s because the malicious coding is derived from Hidden Tear , an open source ransomware project . Cybercriminals have been using Hidden Tear to build their own ransomware variants . However , security experts have been responding with free decryption tools designed to release computers of the infections . Michael Gillespie , a security researcher , has developed his own decryption key generator that can address ransomware built from Hidden Tear . He advises that victims contact him for help . Gillespie has also developed a site that can diagnose what kind of ransomware has infected a computer , and offers advice on how it might be fixed . No More Ransom is another site with free tools that can decrypt certain ransomware infections . Security experts also recommend that businesses make routine backups of their important systems , in the event of a ransomware attack Attack.Ransom .