Ransomware goes OPEN SOURCE in the name of education

Posted on

Turkish security bod Utku Sen has published what appears to be the first open source ransomware that anyone can download and spread.

The “Hidden Tear” ransomware, available to GitHub, is a functional version of the malware the world has come to hate; it uses AES encryption to lock down files and can display a scare warning or ransom message to get users to pay up.

Sen says the malware will evade detection by all common anti-virus platforms.

“While this may be helpful for some, there are significant risks,” Sen says.

“Hidden Tear may be used only for educational purposes. Do not use it as a ransomware.”

Ransomware goes OPEN SOURCE in the name of education
Ransomware goes OPEN SOURCE in the name of education

One could envisage such “educational purposes” as entailing making the case for better backup systems for purse-holding superiors, but it is likely a hard case to state.

Github moderators will no doubt evaluate that claim. The site has not, at the time of writing, killed off the repository which may skirt the edges of its terms of service.

The malware is not nearly as slick as Cryptowall or Cryptolocker which sport unique Tor hidden service Bitcoin payment domains and have become a scourge of the internet in recent years.

In a video set to whimsical classical music, Sen demonstrates how the ransomware can encrypt and decrypt files leaving a text document note on the victim’s desktop.

It can encrypt a variety of files including word processor documents, spreadsheets, and Powerpoint.

Punters will need to have a web server capable of supporting scripting languages if they wish to test out the ransomware, Sen says.

Source:http://www.theregister.co.uk/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s