Make Your Own RansomwareMalware & Forensics

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATION
Already a Member Login Here

Home Forums Malware & Forensics Make Your Own Ransomware

Tagged: 

This topic contains 9 replies, has 8 voices, and was last updated by  JockBGood 1 year, 9 months ago.

Viewing 10 posts - 1 through 10 (of 10 total)
  • Author
    Posts
  • #74176

    Alan Raff
    Participant

    Hi guys, I recently wrote an article for my blog about a new service that lets you create your own ransomware. Due to Cybrary policies, this article was rejected from Cybrary OP3N, but I still think it would be interesting to some people, so I will write about it here.

    A new type of ransomware is being freely distributed on the Deep Web, but this is not normal ransomware. This RaaS (ransomware as a service) is a new form of cybercrime that works by malware authors distributing the ransomware builder, and then taking a cut of the ransoms it generates. Anyone, no matter how computer savvy they are, can launch a fully-functional ransomware campaign to unsuspecting victims.

    Atom Ransomware, formerly called Shark, first started popping up on the Internet in mid July 2016. You can download it through their professional looking website that gives you step by step instructions on how to set it up and start infecting people. The creators claim that it is undetectable by AV software, supports multiple languages, and uses a strong but fast encryption algorithm.

    After you download the Atom payload builder, you can specify the bitcoin address to send the ransom to, the directories to infect, the file formats you wish to lock, the price of the ransom, and varying prices for different countries. All of this you can do with no technical knowledge. If you can type on a computer, you can use Atom to create ransomware. The payments are supposedly automated; sending the money first to the malware developers who take a 20% cut, then they send the other 80% to your bitcoin address that you supplied. After it encrypts the files with a .locked extension, it creates an encryption key like every other ransomware. After that, it locks the screen prompting for a password to unlock the files.

    Could this be the start of a new cybercrime service? Could this be the future of ransomware? It’s hard to say what the future will look like in this ever-changing industry, but it very well may play a big part in the future of cybercrime. With open source ransomware such as HiddenTear, and the DIY ransomware builders already out there like Tox, ransomware is becoming easier and easier to make. And with all the work it takes to launch a ransomware campaign, why distribute your ransomware yourself? Atom has a great business model so far. Easily make the ransomware, have other people distribute it, and take 20% of the profits. 20% might not sound like a lot, but say someone customizes Atom to sell for $100 to unlock the files. If that person infects one other person, that’s still $20; and it will only continue to grow as more and more people create new Atom ‘strains.’ This is highly illegal and extremely unethical, but you have to admit, it’s a great idea, and will surely be a huge money maker for them.

    The one problem that may arise is that there’s no way for Atom users to guarantee that they will get the 80%. Could this just be a huge scam to get people to spread Atom? Could the developers just take the whole ransom and walk away? Let me know what you think in the comments below!

    In the future I hope to be analyzing Atom more in depth, as it seems like a very cool project, and I’d love to know more about how it works internally.

    Read more about this and my other blog posts at http://alanraff.blogspot.com/

    #74788

    Scofield
    Participant

    Awesome

    #100220

    onuoha12
    Participant

    As researcher Denish Venkatesan explains, you can make many pieces of mobile android ransomware as you want once you have paid a one-time fee

    #105373

    xxjero
    Participant

    awesome

    #107036

    jonsonk
    Participant

    give me some mony if you give money and as soon as your device automated open this is remnsome

    #107037

    jonsonk
    Participant

    `if you give me 10 us dollar as soon as your device open

    #108905

    sonygoup
    Participant

    nic stuff bro

    #108945

    jonsonk
    Participant
    #110930

    yuningpu
    Participant

    nice article. thanks

    #111163

    JockBGood
    Participant

    Im not sure this is one and the only ransomware-as-a-service model, just one of many. There are some cyber protection services and researchers that have mentioned some of the other ones. However, these people use their knowledge to make money. Same as the software industry uses theirs. This is just a question of ethics and wits.

Viewing 10 posts - 1 through 10 (of 10 total)

You must be logged in to reply to this topic.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel