Pay2Key is the first public RaaS (ransomware as a service) project that provides free entry into the ransomware business for anyone looking to make money!

Ransomware is a type of malware (computer virus) that encrypts files on a computer, leaving a note with instructions on how to recover valuable information. If there was nothing valuable on the computer, the user will simply reinstall the operating system. However, if there was important information (documents, photos, videos, databases, etc.), the user will follow the instructions in the note, hoping to obtain the recovery utility.

The main guiding principles of the project from its inception to the present day are

User Security through Complete Anonymity

Our service is only available on the I2P network, which surpasses TOR in terms of anonymity. During registration, we do not require any external identifiers such as email, phone number, name, or even a username. All financial transactions are conducted using the cryptocurrency Monero (XMR), which provides an unprecedented level of transaction anonymity—there's no need to use mixers or fear AML checks, as is common with other popular cryptocurrencies. Additionally, the Monero network is very fast and inexpensive: transaction fees range around 1-2 cents USD, and the first network confirmation typically appears within an average of 5 minutes.

No User Moderation

Anyone can join the project. There is no need to undergo an interview or otherwise prove your professional suitability. If your skills are sufficient to access our website, download the application in your personal account, and then run it on any computer, we are happy to collaborate with you! If you are a professional capable of working with large corporate networks and bypassing security, we are even more pleased to consider individual cooperation terms.

Automation. Complete Support for the Attacked Client

You do not need to take any actions to support the attacked client. Pay2Key will automatically identify that the client came from you by the encryption key created in your personal account. The service provides a fully automated option to perform a test recovery of three small files (up to 512KB) and purchase the recovery utility. You can learn about a successful attack simply by the fact that your wallet has been replenished!

You set the price for the recovery utility in your personal account, based on your understanding of the target audience you plan to attack. If you wish to communicate directly with the client you attacked, Pay2Key provides an online chat. In addition to communication with automatic translation into several languages, the chat allows for discounts if, for some reason, the client convinces you that they are willing to pay for the recovery utility, but for a lesser amount than you initially requested.

Multilingual Support

The website is available to our users and attacked clients in several languages: German, English, Spanish, French, Hindi, Russian, Turkish, and Chinese. The chat with support or with your attacked clients has automatic translation between the specified languages. This allows both participants in the dialogue to write in the chat in their preferred language. A Spanish speaker will write and receive responses in Spanish, while their interlocutor can use Turkish. The participants cannot determine which language is being used on the other end.

Technical Information

Software is provided for Windows OS. It can also run on Linux with a Windows application launcher installed, such as Wine.

Cryptography

ChaCha20, X25519, and partial encryption for large files are used with a nonlinear algorithm for selecting parts for encryption (random locations of random sizes).

Attack Mechanics

1. The user creates a key set in their personal account. An individual price for the recovery utility is assigned to the key set, which will be used when a client attacked with a key from this set contacts you. The key set is also linked to a chat parameter: whether the attacked client will have the opportunity to start a dialogue with you.
2. The user creates a task to generate an encryptor for the selected key set and downloads the resulting application within a few minutes.
3. During the attack, the ransomware program randomly selects a key from the embedded set and encrypts the files.
4. Upon a successful attack, a note is left on the computer with brief information about the possibility of file recovery, which includes a link to a browser for accessing the I2P network, as well as a direct link to the Pay2Key website that will take the client directly to the purchase page for the recovery utility specific to the key used in the attack.

Tips for a Successful Attack

1. Consider the number of keys. If you plan to attack multiple computers but with a single ransom (for example, an office), use a set with a single key so that the recovery utility can work on all computers. Otherwise, individual purchases will be required for each computer.
2. The ransomware bypasses standard Windows OS protection (we are constantly working on this), but currently, we do not guarantee bypassing third-party antivirus software. Make sure to disable potential protection before launching. You can use third-party tools or social engineering (for example, directly asking the client to disable their antivirus if they believe they are launching an application for which this is justified—cheats, license cracking programs, etc.).
3. The Pay2Key application does not have a horizontal propagation function (automatic infection of other PCs on the local network), so if necessary, you will need to use third-party solutions or social engineering (for example, delayed launch and using some pretext to motivate the user to run your software on another computer).
4. Before taking real actions, it is recommended to run the application on a virtual machine to have a complete understanding of what happens during the attack. You can also go through the client’s journey up to the purchase of the recovery utility— for this, you can lower the price in the chat to $100 (part of which will return to your balance).

Financial Matters

The percentage of the ransom amount that the user receives depends on the size of the sum. You can see the current rates on our website even without registration.

Upon request, the service can agree on individual terms with an increased percentage for professionals with high earnings! For this, please contact support on the Pay2Key website.

Registration

You can only register on the site with an invite code (also known as a referral code). Each user can generate as many invite codes as they want, and there's no time limit or cap on how many registrations can use a single code. To protect our users' privacy, you can't tell who generated a code just by looking at it. To encourage natural growth within the project's audience, Pay2Key has a two-tier referral system: users earn a percentage from all purchases made by users who registered with their code. This way, anyone can help promote the project and earn from it.

Looking for invite code? fc84e49c684b102fb70425867496befe9bea15