Search the Community

Showing results for tags 'ransomware'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Staff Control
    • Staff Announcements
    • Moderators
    • Staff
    • Administration
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Pentesting Zone
  • Security & Anonymity
  • Operating Systems | Hardware | Programs
  • Graphic Design
  • vBCms Comments
  • live stream tv
  • Marketplace
  • Pentesting Premium
  • Modders Section
  • PRIV8-Section
  • Pentesting Zone PRIV8
  • Carding Zone PRIV8
  • Recycle Bin

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me


Location


Interests


Occupation


TeamViewer


Twitter


Facebook


Youtube


Google+


Tox

Found 34 results

  1. itsMe

    Leafyware Ransomware

    This was made to demonstrate ransomware and how easy it is to make. I am not going to be responsible for anything use it for educational purposes only Feature Fast Encryption (AES-256 CTR MODE ) Easy To use Open-source Simple Dashboard [hide][Hidden Content]]
  2. itsMe

    Aris Locker Ransomware

    Aris Locker o de otro modo conocido como .Aris Virus File es un virus de tipo ransomware. Se encripta archivos añadiendo el .aris extensión a ellos, haciéndolos inaccesibles. Todos los archivos cifrados recibirán la nueva extensión. El Aris Locker ransomware deja caer una nota de rescate, lo que da instrucciones a las víctimas sobre la forma en que supuestamente pueden restaurar sus datos mediante el pago de una tarifa de rescate. [hide][Hidden Content]]
  3. This application decrypts files on Android devices compromised with the CryCryptor ransomware. If your device was infected with CryCryptor, here is a tutorial on how to decrypt your files. Open this page [Hidden Content] using your mobile device and tap the link below to download ESET’s CryDecryptor tool: [Hidden Content] Access the file in your "Download" folder and tap it to launch the CryDecryptor installation. Tap "Install". Once installed tap on "Open" to launch CryDecryptor or find the CryDecryptor app on your Home screen. CryDecryptor tool will automatically try to launch the decryption process of the ransomware. [Hidden Content]
  4. # blackhole-ransomware blackhole is a ransomware coded in c# Its only for educational purposes I will not be responsible for anything. [hide][Hidden Content]]
  5. A Ransomware and Ransomware Builder for Windows written purely in Python Created for security researchers, enthusiasts and educators, Crypter allows you to experience ransomware first hand. The newly released v3.0 is a complete overhaul that drastically simplifies setup and brings the package up-to-date to work with Python 3.6 and above. Crypter - Python3 based builder and ransomware compiled to Windows executable using PyInstaller What's New? (v3.0) Decryption key validation check before attempting decryption Overhaul to support Python 3.6 and above Drastically simplified dependency installation Crypter - 3.4 Released this on 6 May Numerous fixes and improvements [hide][Hidden Content]]
  6. shahg

    Stampado ransomware

    Hi anyone has Stampado ransomware kndly share it Thx
  7. DeathRansom - A Ransomware Developed In Python, With Bypass Technics, For Educational Purposes What is a ransomware? A ransomware is malware that encrypts all your files and shows a ransom request, which tells you to pay a set amount, usually in bitcoins (BTC), in a set time to decrypt your files, or he will delete your files. How it works? First, the script checks if it's in a sandbox, debugger, vm, etc, and try bypass it. It then encrypts all files starting with the defined directory on the line 60 in deathransom.py. Then, downloads the ransom request script, disable cmd, taskmanager and the registry tools. And starts the counter to delete the files. Bypass Technics Anti-Disassembly Creates several variables to try to make disassembly difficult. Anti-Debugger Checks if a debugger is active using the ctypes function: windll.kernel32.IsDebuggerPresent() Anti-Vm Checks if the machine's mac is the same as the standard vms mac. Anti-Sandbox Sleep-Acceleration Some sandboxes speed up sleep, this function checks if nothing out of the ordinary has occurred. Sandbox in Process Checks if have any sandbox in running processes Display-Prompt Shows a message, if the user interact with the pop up, the malware will be executed. Idle-Time Sleeps for a while and proceed. Some sandboxes wait for a while and stop running, that tries to bypass this. Check-Click If the user does not click the number of times necessary the malware not will be executed. Check-Cursor-Pos If the user not move the mouse in a seted time the malware not be executed. [HIDE][Hidden Content]]
  8. Ransomware Defender Scans, Detects and Protects from Ransomware Malicious Attempts! Overview ShieldApps’ Ransomware Defender deals with known ransomware in a way no other solution can. Specially designed for detecting and blocking ransomware prior to any damage, Ransomware Defender blacklists and stops both common and unique ransomware. Once installed, Ransomware Defender stands guard 24/7 utilizing active protection algorithms enhanced with user-friendly alerts and notifications system. Ransomware Defender is fully automated, taking care of all threats via an advanced Scan > Detect > Lock Down mechanism that proactively stands guard to detected threats, and works alongside all main antiviruses and anti-malware products! Ransomware Defender also features a scheduled automatic scan, secured file eraser, lifetime updates and support! NEW! – added protection from online threats! Ransomware Defender will block malicious websites and online scripts from attacking your computer. [Hidden Content] [HIDE][Hidden Content]]
  9. What is nodeCrypto? nodeCrypt is a linux Ransomware written in NodeJs that encrypt predefined files. This project was created for educational purposes, you are the sole responsible for the use of nodeCrypto. To Do GUI exe creator Edit basic variable Export cross-plateform Client (victim) Encrypt webserver Use private key for encryption Adapt SSL Server Recover data (user + encrypted file) Format the database Make GUI for webserver Make an executable to decrypt the files (Only on request! Contact me) [HIDE][Hidden Content]]
  10. Verci Spy System RAT | Ransomware | NSA Exploits | UAC | Spread Verci Spy System OR Verci_Spy_System This Tool Was Designed By US,This Tool is a Remote Access Trojan That you can Take over any Windows machine into your control and can do many things within that infected PC , also the infected PC will have a virus that will spread rapidly within usb-sticks and make other safe PCs infected too , by inserting the usb into it and click any of the shortcuts and so on . That Tool was designed for some educational purposes and some testing for PC security and we are not responsible for any illegal use for it , this tool also designed for a Better Hacking Visual Effects , that can deliver you a feeling of real hacker , you can use it within hacking movies , and have some animations and a localization map for detecting victims allover the world ,and Verci Wasn`t Cracked after it`s trial version was release , but the installer wasn`t cracked before , also Our XPR Tool , but we will not going into same mistake and not release any trial version for free . and this is program options that you can do with the infected PC and you took control on it : 1-UAC (User Access Control) Manager (Enable or Disable) 2-Open remote Webcam / Microphone 3-Control Remote Desktop 4-File Manager Controller 5-Process Manager 6-Regedit Controller 7-Services Manager 8-Devices & Printers Viewer 9-Active Windows Manager 10-View Remote WiFi Networks 11-View Saved WIFI Passwords 12-Ransomwares [ You Have 2 Ransomwares] (Try anyone you wish) 13-WiFi Hotspot Creator [Use any other device to check the Hotspot] 14-Lan Computer Manager [Lan Spread (Premium Only)] 15-Network Connections/Drivers Manager 16-Scan Remote websites ports 17-Scan Lan network devices ports 18-Manage installed Programs 19-Unmovable chat system 20-Clipboard Manager [Images & Text] (Set & Get Clipboard) 21-Remote Command prompt 22-Code Compiler 23-Saved Password Stealer (Updated) 24-Remote Keylogger (Offline/Online) 25-DDOS Attack Manager / Http Flooder 26-Full Computer information Manager 27-(Installed Pyhton Scripts) a) This Option allow you to install Sqlmap Script in Client PC and Hack any infected sites using it _By this way Client PC will be saved in site logs not your PC 28-Run File (From Disk/Url) 29-Open Url (Default Browser)[Or](Any Browser) 30-Automatic Victim Transfer Option [Transfer to any host or external IP] 31- NoIP Updater 32-Ransomware Builder [Build own Ransomware with your own Bitcoin] 33-Notify With Client Webcam image 34-Spam options : a) You can open fake Facebook login page in Client PC and grab passwords in keylogger b) You can open fake Paypal login page in Client PC and grab passwords in keylogger c) You can open fake Visa card number confirmation page in Client PC and grab information in keylogger 36-Auto Share Client Drivers over Lan Ransomware Builder Manager : This is the scheme of Ransomware *) Generate Random password of 15 random chosen Characters *) Start Encrypting all files exist in user Directory using the password *) Kills explorer.exe *) Kills Microsoft.Exchange *) Kills MSExchange *) Kills sqlserver.exe *) Kills sqlwriter.exe *) Kills mysqld.exe *) Delete all Shadow copies *) Usb spread (shortcut)[.lnk] *) Keep loop to Encrypt all files exist in other Drives using the password Available Trojans : 2 Trojans - 2 Downloaders: a) Full Control (Size : 400 Kilobytes) b)Worm Control (Size : 170 Kilobytes) c).exe Downloader (Size : 11 Kilobytes) d).vbs Downloader (Size : 909 Bytes) Preview Image 1 : You can now Enter Free Port You Choose Manual and Click Ok Preview Image 2 : Fast Look To Exit FullScreen Press "Click To Restore" Downloads: [Hidden Content]
  11. dEEpEst

    pycryptor Ransomware

    pycryptor A short, sweet, PoC Python Ransomware (+A file vault for protecting the users files) using Advanced Encryption Standards. The program uses the AES-GCM-256 for its work. [Hide][Hidden Content]]
  12. dEEpEst

    Mock Ransomware

    "# mock-ransomware" Release\ransomware.exe Go to test folder, notice the permission changes, change them back to see the encrypted text Delete copied malware inside of \\Users\\<name>\\ransomwaredirectory open up regedit to also delete persistent keys reg DELETE HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v ransomware_pwn /f The operation completed successfully. reg QUERY HKCU\Software\Microsoft\Windows\CurrentVersion\Run to verify To view the driver installed C:\> sc query MyCustomBeep SERVICE_NAME: MyCustomBeep TYPE : 1 KERNEL_DRIVER STATE : 1 STOPPED WIN32_EXIT_CODE : 1077 (0x435) SERVICE_EXIT_CODE : 0 (0x0) CHECKPOINT : 0x0 WAIT_HINT : [Hide][Hidden Content]]
  13. "De acuerdo a las cifras ofrecidas por KasperskyLab, el aumento de nuevas amenazas de ransomware se ha intensificado casi al doble." 7,620 - 2018 - Amenazas de Ransomware 16,017 - 2019 Amenazas de Ransomware Al igual, que los números de usuarios infectados (victimas) del ransomware. 158.921 usuarios afectados 2018 230.000 usuarios afectados 2019 13 tips para evitar la infeccion Realizar periódicamente Backups de tu información. Se recomienda tener copias de nuestra informacion en medios como la nube, otro en físico, como memorias USB y discos duros portátiles. Mantener el Sistema Operativo actualizado hasta la ultima versión. Contar con software antivirus que tenga funciones anti-ransomware Aumentar la seguridad de tus dispositivos moviles como SmartPhones y Tablet. En 2017 Google elimino mas de 700,000 aplicaciones maliciosas de la PlayStore. De ser posible implementar extensiones anti-malware a los navegadores. Mantener actualizado los antivirus. Establecer filtros de seguridad en los e-mail, corporativos o no. No descargar archivos de ningún tipo de fuentes poco confiables o no oficiales. Contar con un repertorio de herramientas anti-ransomware. Esto debido a que existen herramientas especificas para un tipo de ransomware. Prepara un plan de respuesta y de ser necesario capacita a tus empleados o usuarios de la red, como a tu familia. Ejecuta análisis periódicos en busca de amenazas en tus equipos No pagar el rescate. En muchos casos, usuarios han pagado el rescate y no recuperaron ni su información ni sus equipos. Usar el sentido común y no dar clic en todo lo que veamos. Fuente
  14. dEEpEst

    HiddenTear Ransomware

    _ _ _ _ _ | | (_) | | | | | | | |__ _ __| | __| | ___ _ __ | |_ ___ __ _ _ __ | '_ \| |/ _` |/ _` |/ _ \ '_ \ | __/ _ \/ _` | '__| | | | | | (_| | (_| | __/ | | | | || __/ (_| | | |_| |_|_|\__,_|\__,_|\___|_| |_| \__\___|\__,_|_| It's a ransomware-like file crypter sample which can be modified for specific purposes. Features Uses AES algorithm to encrypt files. Sends encryption key to a server. Encrypted files can be decrypt in decrypter program with encryption key. Creates a text file in Desktop with given message. Small file size (12 KB) Doesn't detected to antivirus programs (15/08/2015) [Hidden Content] Demonstration Video [Hidden Content] Download: [HIDE][Hidden Content]]
  15. Multiple Bugs in Canon DSLR Camera Let Hackers Infect with Ransomware Over a Rouge WiFi Access Point * Researchers discovered multiple critical vulnerabilities in Picture Transfer Protocol (PTP) that allows attackers to infect the Canon DSLR camera with ransomware to encrypt the pictures and demand the ransom. * An attacker who is very close with the victim’s WiFi or already hijacked computers with the USB access could propagate them to infect the cameras with deadly malware and ransomware.
  16. dEEpEst

    NodeCrypt - Linux Ransomware

    What is nodeCrypto? Install server Install and run Screenshot What is nodeCrypto? nodeCrypt is a linux Ransomware written in NodeJs that encrypt predefined files. This project was created for educational purposes, you are the sole responsible for the use of nodeCrypto. Install server Upload all file of server/ folder on your webserver. Create a sql database and import sql/nodeCrypto.sql Edit server/libs/db.php and add your SQL ID. Install and run git clone [Hidden Content] cd nodeCrypto && npm install You must edit first variable in index.js Once your configuration is complete, you can start the ransomware. node index.js The files at the root of the web server will encrypt and send to the server. Screenshot To Do Client (victim) Encrypt webserver Use private key for encryption Adapt SSL Server Recover data (user + encrypted file) Format the database Make GUI for webserver Make an executable to decrypt the files (Only on request! Contact me) [Hidden Content]
  17. itsMe

    Ransomware Decryptors

    [Hidden Content]
  18. GonnaCry Ransomware GONNACRY – LINUX RANSOMWARE THAT ENCRYPTS ALL USER FILES GonnaCry Rasomware Original Repository of the GonnaCry Ransomware. This project is OpenSource, feel free to use, study and/or send pull request. GonnaCry is a linux ransomware that encrypt all user files with strong encryption scheme. There is two versions of the Ransomware Code: C and Python. How this ransomware works: [Hidden Content] [Hidden Content] How this ransomware encryption scheme works: [Hidden Content] Mentions: [Hidden Content] [Hidden Content] [Hidden Content] Disclaimer This Ransomware musn't be used to harm/threat/hurt other person's computer. It's purpose is only to share knowledge and awareness about Malware/Cryptography/Operating Systems/Programming. GonnaCry is a academic ransomware made for learning and awareness about secutiry/cryptography. Be aware running C/bin/GonnaCry or Python/GonnaCry/main.py Python/GonnaCry/bin/gonnacry in your computer, it may harm. What's a Ransomware? A ransomware is a form of malware that prevent legitimate users from accessing their device or data and asks for a payment in exchange for the stolen functionality. They have been used for mass extortion in various forms, but the most successful seem to be encrypting ransomware: most of the user data are encrypted and the key can be retrieved with a payment to the attacker. To be widely successful a ransomware must fulfill three properties: Property 1: The hostile binary code must not contain any secret (e.g. deciphering keys). At least not in an easily retrievable form, indeed white box cryptography can be applied to ransomware. Property 2: Only the author of the attack should be able to decrypt the infected device. Property 3: Decrypting one device can not provide any useful information for other infected devices, in particular the key must not be shared among them. Objectives: encrypt all user files with AES-256-CBC. Random AES key and IV for each file. Works even without internet connection. Communication with the server to decrypt Client-private-key. encrypt AES key with client-public-key RSA-2048. encrypt client-private-key with RSA-2048 server-public-key. Change computer wallpaper -> Gnome, LXDE, KDE, XFCE. Decryptor that communicate to server to send keys. python webserver Daemon Dropper Download: [HIDE][Hidden Content]]
  19. TheFOX

    Philadelphia ransomware

    Philadelphia ransomware is a RaaS which let you create and manage your own ransomware Comes with usb spread lab spread and blah blah blah How to use 1.Download 2.Open 3.Create bridge and upload on any webhost or shelled website 4.enter bridge url eg:www.level23hacktools.com/bridge.php/ 5.select bridge and create payload and change btc address and ammount Download [Hidden Content] Don't forget to give +rep ::Blackhat::
  20. dEEpEst

    Angie Ransomware

    Angie-Ransomware Professional ransomware for educational purposes Angie-Ransomware is x32 bit ransomware that is designed to target mainly x64 Windows but still supports x32 bit of course, She by design can bypass almost all sandboxes by using its own NTDLL stubs from Windows 7 to Windows 10 1809, if the version of windows is newer than Windows 10 1809 will load the addressed from NTDLL.DLL and use them. Another trick that she does is if she is under Wow64 after connecting to master and retrieves a encryption key, she will switch to long mode and operate on x64 user space, this switch is the killer for almost all sandboxes and debuggers and its the biggest defence. Its still under development. Tools Visual Studio 2017/2019 Intel System Studio 19.0 Windows SDK 10.0.17763.0 Sysinternals Suite Make from Mingw Nasm Cool people [Hidden Content] Some images Download: [HIDE][Hidden Content]]
  21. [Hidden Content]
  22. [Hidden Content]
  23. dEEpEst

    Simple Ransomware

    Simple Ransomware Description This is a simple ransomware build with C# Automatically create parent application, can replace address BTC you're copying (BTC Stealer) Combine using fake application [Hidden Content]
  24. [Hidden Content]