Ransomware is most dangerous things on internet, they can infect any computers or servers. Many type of ransomware, this malware can be undetectable by antivirus and they can encrypt your data or spying on your machine. Because of that many big companies lost due to ransomware attack. But, how attacker build a ransoware and manage that. I will share with you an Open-Source Ransomeware to find out how hacker make and manage ransomware.
Overview
This was made to demonstrate ransomware and how easy it is to make. It works on Windows, Linux and MacOS. It’s recommended to compile payload.py to EXE to make it more portable.
I do work on security awareness trainings and test the IT security and safety for other companies and you guessed it; this was made for the demo section of my presentation, NOT TO EARN MONEY OR BRICK PEOPLES COMPUTERS.
This script does not get detected by any anti-virusses. Self made scripts go undetected 99% of the time. It’s easy to write something nasty like ransomware, adware, malware, you name it. Again, this script was for research only. Not ment to be used in the open world. I am not responsible for any damage you may cause with this knowledge.
I recommend a VPN that allows port forwarding (For example; PIA VPN) when using this outside your network, or better, a cloud computer hosted elsewhere, like Amazon AWS.
The conclusion of this project is that it is easy to brick a system and earn money doing it. This script doesn’t use any exploits to achieve its goal, but can easily be coded into it as a nice feature.
Visit jezsjxtthkqhlqoc.onion for a complete C&C.
Features
- Generate a ransomware payload
- With or without GUI payload
- FUD (Fully Undetectable by Anti-Virus)
- Works on Windows, MacOS and Linux
- Super fast encryption with PyCrypto
- Compile to EXE, APP or Unix/Linux executable
- Custom icon for your EXE payload
- Receive keys of victims
- Decrypt files
- Demo mode (payload won’t encrypt anything)
- Fullscreen mode (Warning takes over the screen)
- Custom warning message for your victim
- Custom image in your payload
- Ghost mode (Rename by adding .DEMON extention instead of encrypting the files)
- Multiple encryption methods
- Select file extentions to target
- Decide if payload should self-destruct (Console mode feature only)
- Decide wich drive to target for encryption (working directory)
- Verified server access through port forwarding VPN
Super Fast Encryption!
Installation
Download and install the latest version of Python 3.
Then do:
On Linux, you might need to install these packages:
Testing connection with remote server:
Usage Demo
Screenshots
Disclaimer
I am not responsible for any damage you might cause with this tool. Use at own risk and for testing and learning only! I made this to test AV’s and demo purposes only! Use this to avoid ransomware and make better tools against it because current AV tools and ransomware shields are not good enough!
