Engineering:Hidden Tear

From HandWiki
Revision as of 13:24, 25 June 2023 by MedAI (talk | contribs) (over-write)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Short description: Open-source ransomware trojan
Hidden Tear
Technical nameRansom.MSIL.Tear
ClassificationTrojan horse
TypeRansomware
SubtypeCryptovirus
Point of originIstanbul, Turkey
Author(s)Utku Sen
Operating system(s) affectedMicrosoft Windows
Written inC#

Hidden Tear is the first open-source ransomware trojan that targets computers running Microsoft Windows[1] The original sample was posted in August 2015 to GitHub.[2]

When Hidden Tear is activated, it encrypts certain types of files using a symmetric AES algorithm, then sends the symmetric key to the malware's control servers.[3] However, as Utku Sen claimed "All my malware codes are backdoored on purpose", Hidden Tear has an encryption backdoor, thus allowing him to crack various samples.[4]

References