Hidden Tear
Open-source ransomware trojan
| Technical name | Ransom.MSIL.Tear |
|---|---|
| Classification | Trojan horse |
| Type | Ransomware |
| Subtype | Cryptovirus |
| Point of origin | Istanbul, Turkey |
| Author(s) | Utku Sen |
| Operating system(s) affected | Microsoft Windows |
| Written in | C# |
Hidden Tear is the first open-source ransomware trojan that targets computers running Microsoft Windows[1] The original sample was posted in August 2015 to GitHub.[2]
When Hidden Tear is activated, it encrypts certain types of files using a symmetric AES algorithm, then sends the symmetric key to the malware's control servers.[3] However, as Utku Sen claimed "All my malware codes are backdoored on purpose", Hidden Tear has an encryption backdoor, thus allowing him to crack various samples.[4]
References
- ^ Pauli, Darren. "Ransomware blueprints published on GitHub in the name of education". The Register.
- ^ Paganini, Pierluigi (18 August 2015). "Hidden Tear Ransomware is now open Source and available on GitHub". Security Affairs.
- ^ Balaban, David (20 March 2016). "Hidden Tear Project: Forbidden Fruit Is the Sweetest | The State of Security". The State of Security.
- ^ Kovacs, Eduard. "Encryption Flaw Used to Crack Cryptear Ransomware | SecurityWeek.Com". Security Week.
- v
- t
- e
Hacking in the 2010s
| ← 2000s | Timeline | 2020s → |
| 2010 |
|
|---|---|
| 2011 |
|
| 2012 | |
| 2013 | |
| 2014 | |
| 2015 | |
| 2016 |
|
| 2017 | |
| 2018 | |
| 2019 |
persistent threats
- Bangladesh Black Hat Hackers
- Bureau 121
- Charming Kitten
- Cozy Bear
- Dark Basin
- DarkMatter
- Elfin Team
- Equation Group
- Fancy Bear
- GOSSIPGIRL (confederation)
- Guccifer 2.0
- Hacking Team
- Helix Kitten
- Iranian Cyber Army
- Lazarus Group (BlueNorOff) (AndAriel)
- NSO Group
- Numbered Panda
- PLA Unit 61398
- PLA Unit 61486
- PLATINUM
- Pranknet
- Red Apollo
- Rocket Kitten
- Stealth Falcon
- Syrian Electronic Army
- Tailored Access Operations
- The Shadow Brokers
- Yemen Cyber Army
- George Hotz
- Guccifer
- Jeremy Hammond
- Junaid Hussain
- Kristoffer von Hassel
- Mustafa Al-Bassam
- MLT
- Ryan Ackroyd
- Sabu
- Topiary
- Track2
- The Jester
publicly disclosed
- Evercookie (2010)
- iSeeYou (2013)
- Heartbleed (2014)
- Shellshock (2014)
- POODLE (2014)
- Rootpipe (2014)
- Row hammer (2014)
- SS7 vulnerabilities (2014)
- JASBUG (2015)
- Stagefright (2015)
- DROWN (2016)
- Badlock (2016)
- Dirty COW (2016)
- Cloudbleed (2017)
- Broadcom Wi-Fi (2017)
- EternalBlue (2017)
- DoublePulsar (2017)
- Silent Bob is Silent (2017)
- KRACK (2017)
- ROCA vulnerability (2017)
- BlueBorne (2017)
- Meltdown (2018)
- Spectre (2018)
- EFAIL (2018)
- Exactis (2018)
- Speculative Store Bypass (2018)
- Lazy FP state restore (2018)
- TLBleed (2018)
- SigSpoof (2018)
- Foreshadow (2018)
- Dragonblood (2019)
- Microarchitectural Data Sampling (2019)
- BlueKeep (2019)
- Kr00k (2019)
| 2010 |
|
|---|---|
| 2011 | |
| 2012 | |
| 2013 | |
| 2014 | |
| 2015 |
|
| 2016 | |
| 2017 | |
| 2018 | |
| 2019 |
|
