Ransomware Development


It is just a raw idea,

Exactly, this is the second problem of using RSA


You should make your RansomWare similar to SATAN. Allowing a person to spread it for you and you taking a cut of the profit. I would personally buy this from you. Is there a certain version of Windows this is for? Windows 10? 8?

(Boner McBonerFace) #23

Allowing a person to spread it for you

The only thing I want you to spread is your buttcheeks bb


Hold my beer for a sec…


(Not a N00b, but still learning) #26

Can you please explain to me how this would matter for your ransomware? Someone can capture the random AES key used for encryption of the files much easier by installing a fake .NET runtime or running some sort of debugger. However, one has to know when exactly the ransomware runs, the location of the ransomware, etc.
This is only feasible for malware analysis, in which case the AES key doesn’t matter at all. There are easier ways for users to protect from ransomware.

The article you cited is in no way relevant to this topic. IIRC they are talking about an attack that has been customized to a specific use case+chip without access to the system.


I believe that when you create something, you have to be perfect in every way.
It is true that nothing is perfect, but it must be as good as possible.
So, if I am going to create a Ransomware that is one of the best, I have to consider all aspects even those that are less likely to happen.

What do you think is the best way to prove that there is no complete security? In my opinion, the best way to do this is to target the places and people who are active in the field of security and mine is designed for a specific purpose.
If I have a specific purpose in creating this, then I have specific targets, and for specific targets I MUST consider all aspects as much as possible.

One of my targets is a man that I know, and I know that he has many advanced tools.
Imagine that when the ransomware starts to encrypt files, his tool (without considering other things he can do - I know he has one of them) is working, so THE GAME IS OVER and the key has been disclosed, and I know that for the first time, "side attack" was run against RSA, so even RSA cannot be the best choice to encrypt files in these situations.

In the current implementation, I used the AES algorithm + RSA to encrypt the AES key, but as I said, I am looking for any advice to help me make the program better and your help to show the possible ways to get it done in the best way.

This was not a technical answer - right now I am working to find out in what situations this can be problematic.

(Not a N00b, but still learning) #28

If you want your ransomware to be “perfect”, stop using C#. The article you posted is in no way related to your ransomware. It’s about a specific encryption chip. They talk about network appliances (“attacker controlled data”). Your application isn’t the only one to use AES. I can say that it’ll be impossible to capture the key THAT way. Your target would rather control the random seed you use to generate the key, or just use some ransomware protection software.

I think we should end the discussion here. If you have a specific question, feel free to ask or ring me up on the IRC.


What’s your suggestion?

(Not a N00b, but still learning) #30

Something more low level that directly compiles to assembly. C# is way too easy to decompile if you deal with “advanced” targets. Pick something like C++ and learn how to use the underlying Windows APIs. It will of course not be an easy transition, but it will pay out in the long term, as it will also lead you to produce higher quality code/malware (not the language itself, but your understanding). Just my two cents.

P.S.: I personally like C#, but it doesn’t feel appropriate for this use case


Unfortunately, this is almost never possible in a practical sense, especially with malware.

The way you’ve approached the problem is way too… finicky. What are the chances that this someone is doing this while, at the same time, is not using a controlled environment and not aware of what is happening? Or even has this device? Problem solving is not about being (almost) perfect, it’s about being able to identify the main goal(s) and asset(s) and seeing the larger picture and what works in the most effective way possible that is practical.

If your target is a single or a few people who are technically advanced, you will need something more than just a typical piece of ransomware, perhaps some kind of priv esc exploit bundled with a rootkit. If your goal is to generate money by mass infecting anyone and everyone, there is no need for that because most people cannot do anything about it because they lack the knowledge to. In this case, you can build any typical ransomware. Can you use the exploit + rootkit and mass infect everyone? Yeah sure, but what a waste the exploit and rootkit would become when it’d be so easily discovered and patched.



(JR™️) #34

This post might seem out of context, but from my perspective Metasploit+Downloader (with DL and Ex functions)+ransomware src, should get you started, with both the loader and ransomware having //InstallOptions, as you will be using them for educational purposes, just to clarify. Good reconnaissance should help you gather enough details and confidence to indulge your prospective target into buying the option of allowing remote assistance to decrypt his/her files and also buy in on the idea of rewarding you for labour (enabling you to earn salary in return), whilst building your ransomware (I comprehend you are talking OS enumeration and open ports to some extent). Then implementing the same attack vectors over a period, but, this time with your own ransomware (if you ever feel mischievous (judging from your ware specifications)). This feels like a ‘bulls eye’ idea, what do you think?