Before going into the details of the Hidden Tear ransomware, let us first understand what ransomware is, how it spreads, how badly it can affect a system, and why attackers spread it. Let's go through these one by one.
What is Ransomware?
In very simple terms, ransomware is malware or an exploit in which the victim's data is encrypted by an attacker, who then demands money for decrypting it.
How is Ransomware spreading?
Ransomware spreads through e-mail attachments, malicious ads, infected and pirated programs, and compromised websites. A ransomware program may also be known as a cryptovirus, cryptotrojan or cryptoworm. According to security experts, ransomware does not harm the computer itself. It encrypts the data and demands money from the victim for decrypting it. To protect against such ransom demands, security experts urge users to back up their data on a regular basis, so that if an attack occurs, instead of paying they can simply wipe the disk and restore the data from the backup. There is no alternative solution for users to protect themselves from such an exploit, as antivirus fails to detect such files and, secondly, the latest malware uses 2048-bit encryption, so it would take a decade to decrypt the data by brute force.
The Turkish security researcher Utku Sen has published the first open source ransomware. He published the malware for educational purposes, to let users know how it works and how it affects a system.
According to Utku Sen, “Hidden Tear” uses AES encryption to encrypt the files, sends the encrypted data encryption key to a server, and the files can be decrypted in a decrypter program with the encryption key. It also sets a message on the desktop, as actual ransomware does. It creates a small text file, and it cannot be detected by antivirus programs.
The criminal underground has used ransomware to extend its business; security specialists have also discovered, in one case, the adoption of a malware-as-a-service model that gives anyone the chance to create their own ransomware campaign. However, it is not easy for a user to get the source code of ransomware, as it is highly encrypted, but now the Turkish researcher utkusen has published the first open source malware tool on the GitHub platform.
Note: This ransomware is not as advanced as other threats like Cryptowall or Cryptolocker, but it does its job for educational purposes.
Check the video for detailed steps: