Turkish security bod Utku Sen has published what appears to be the first open source ransomware that anyone can download and spread.
The “Hidden Tear” ransomware, available to GitHub, is a functional version of the malware the world has come to hate; it uses AES encryption to lock down files and can display a scare warning or ransom message to get users to pay up.
Sen says the malware will evade detection by all common anti-virus platforms.
“While this may be helpful for some, there are significant risks,” Sen says.
“Hidden Tear may be used only for educational purposes. Do not use it as a ransomware.”
One could envisage such “educational purposes” as entailing making the case for better backup systems for purse-holding superiors, but it is likely a hard case to state.
Github moderators will no doubt evaluate that claim. The site has not, at the time of writing, killed off the repository which may skirt the edges of its terms of service.
The malware is not nearly as slick as Cryptowall or Cryptolocker which sport unique Tor hidden service Bitcoin payment domains and have become a scourge of the internet in recent years.
In a video set to whimsical classical music, Sen demonstrates how the ransomware can encrypt and decrypt files leaving a text document note on the victim’s desktop.
It can encrypt a variety of files including word processor documents, spreadsheets, and Powerpoint.
Punters will need to have a web server capable of supporting scripting languages if they wish to test out the ransomware, Sen says.