So. After falling into a slight pit-o-despair I turned my focus onto malware. Yaaay.
1) I’ve made a fully functioning Java-based ransomware
By default it only encrypts a user’s home directories (documents/downloads/desktop etc) but it can be configured to encrypt whole drives too (including network drives). It drops a nice little instruction file on the desktop containing a session-unique encrypted AES key (encrypted with an RSA public key), and a supplied decrypting program the user can run. Each encrypted file is also appended with “.[email- email@example.com]”. To get his/her files back, the user has to email you with the encrypted AES key, which you will be able to decrypt because you have the private key 🙂 You send it back and they can now get their files back. Simple ransom. It’s pretty fast too I’d say. On a Core 2 Duo with 2 gigs of RAM and a 5 year old HDD it does 1 gig per 60 seconds.
2) I’ve produced a fully functioning .NET encrypter/loader.
I am able to manually take my favorite detected .NET program, encrypt it, add it to my loader’s resources and get out a new, clean file. Once run, my loader will take the encrypted file, load it directly into memory and execute it. Bypasses all scan-time and run-time antivirus that I’ve tested on nodistribute.
Now that I’ve done all this… what’s next? My mindset led me to creating these tools, but I have no motivation to infect users myself.
Should I start to sell a crypting service? Or sell my Java ransomware? Would anyone here even be interested in that sort of thing or are you all very clued up on your crypting and don’t need something like this?
I enjoy creating these. Heck, I wouldn’t even mind if people sent me files all day to encrypt for them.
Please let me know your opinions, I really do appreciate them.