05 Sep 2017

How to Create Your Own Ransomware

Since we work on custom app development, developers at BluEnt were quite fascinated by how ransomware has taken the world by storm.

After all the furore of ransomware attacks worldwide in August, it seems that the deadly attack will not be mitigated anytime soon. First, it was Diablo6, then it became Petya and now its Locky.

A notorious albeit an indestructible weapon of cyber crime, the ransomware has so far exceeded $5 billion in 2017 already. During the process of securing our client side projects, we came to know that you can create your own ransomware too.

Since we work on custom app development, developers at BluEnt were quite fascinated by how ransomware has taken the world by storm. We already knew that the atrocity cannot be destroyed, but it could certainly be prevented.

And, Ransomware as a Service or RaaS works by distributing ransomware builder to several machines and then demanding a ransom. Ransomware prevents users from accessing their system. It either limits access by locking the screen or by encrypting user files. You can't access unless you pay a ransom through bitcoins on the address displayed on the message window. Upon payment, the users get a decryption key.

Do you want to hear the worst part?

Anyone can create a ransomware today!

You don't need to be a full-fledged coder to take revenge from a crazy ex or a psycho boss. Keep them annoyed and harass them enough, while earning a few bucks for every date she ruined and every leave he deducted from your salary.

Do we hear cries of ecstasy?

Of-course. Bosses and Exes should be hated!

Behold, for we give you, DIY Ransomware 101 for Dummies

Let's begin, shall we?

I wish it were this simple when I was studying. So many professors would have been taught a lesson!

Creating Ransomware from free Trojan Development Kit (TDK)

All you need for this is an Android phone to get started. No coding skills, no hacking skills and not even a laptop.

While we will not provide any downloadable links (for obvious reasons), more enthusiastic readers can download free TDK from various hacking forums. The interface offers a user-friendly interface so that anyone can create a custom ransomware . You can build the whole malicious software on your smartphone itself, without writing even one line of code.

With the app, all you need to do is follow simple instructions, fill out a form which has customization options and pays a one-time fee to the app developer. The customization options include choosing the kind of message you want to display on the infected device's lock screen.

Once you do this, you can distribute the software across several devices.

Creating Ransomware from free Trojan Development Kit (TDK)

Creating Custom ransomware from Atom Ransomware

Formerly called Shark, Atom Ransomware allows you to download the software from their site. They also offer stepwise instructions on how to set it up and use it accordingly.

Any wannabe ransomware creators can visit their site and click on download button which will download a zip file called Payloadbundle.zip. This zipped file contains ransomware configuration builder, a warning note and executable file.

Once you download the Atom payload builder, you can start customizing the details immediately. Specify the bitcoin address you need to send to your victim, the price and the message that needs to be displayed. You can also choose the directories which you need to infect, the files which can be locked and the countries you need to infiltrate into.

The developers at Atom claim that their ransomware will be undetectable by AV software, uses fast and strong encryption algorithm and supports multiple languages. You can choose which folders and files to infect, the countries to target, how much ransom to demand in each country and the email address which will send notifications.

The site is quite professional looking and the Shark Ransomware Project offers several examples of configuring the software.

So, how do Atom developers benefit?

Well, the payments are automated, which means that ransom is first sent to the developers where they deduct 20% of the amount and return the rest 80% to your Bitcoin address specified. Once the victim sends the ransom, a decryption key is generated which unlocks all the files.

Tox: The Ransomware Construction Kit

This one is available on Dark Web since May 2017. You can use this tool to create a ransomware for Windows operating systems including all mobile devices which use the platform.

The Tox presentation page says:

"We developed a virus which, once opened in a Windows OS, encrypts all the files. Once this process is completed, it displays a message asking to pay a ransom to a bitcoin address to unlock the files."

Anyone interested in TOX can subscribe to their service to create their own ransomware. The developers claim that through their kit, wannabe hackers can create ransomware in three "easy" steps:

  • Deciding on the ransom amount

  • Entering why they want to create the software

  • Submitting Captcha.

Is that Joker's smile we see there?

The developers benefit from a cut out of the ransom from victims like the Atom creators. They ensure that the payments are kept anonymous through Bitcoin and TOR.

The developers also claim that the virus detection rate through Tox is very low.

"Tox-generated malware is compiled in MinGW and uses AES to encrypt client files via the Crypto++ library.  The Microsoft CryptoAPI is used for key generation. – McAfee"

Upon being initiated, Tox first downloads Curl and TOR client to work.

The future of Ransomware or the Start of Crime-as-a-Service?

When everything has been said and done, we want to maintain that we do not promote this unlawful practice. Also, it is quite disturbing to imagine what the future looks like with tools like these in the hands of immature users who can cause unintentional and intentional damage to just for a few quick bucks.

As custom app developers, we do think it is a great idea despite being unethical and illegal.

Learn more about Mobile App Development services .

Summing Up

While at present there are no solutions to battle ransomware infection other than to pay the amount, you can still follow precautionary steps. Do not click on suspicious links and keep your anti-virus programs updated.

Also, make sure that your technology partner is creating secure applications for your business needs.

BluEnt keeps security an utmost priority for custom app development, mobile app development, and web app development. Get in touch now to know more about how we can develop secure applications for your business needs.

Maximum Value. Achieved.



Your Citation

Bluent Tech. "How to Create Your Own Ransomware" CAD Evangelist, Sep. 05, 2017, https://www.bluent.net/blog/how-to-create-your-own-ransomware/.

Bluent Tech. (2017, September 05). How to Create Your Own Ransomware. Retrieved from https://www.bluent.net/blog/how-to-create-your-own-ransomware/

Bluent Tech. "How to Create Your Own Ransomware" Bluent Tech https://www.bluent.net/blog/how-to-create-your-own-ransomware/ (accessed September 05, 2017 ).

copy citation copied!

BluEnt is a design, technology and engineering group with offices in New York, Toronto, London, Muscat, and Amsterdam. We partner with home builders, real estate developers and general contractors to efficiently manage projects. Companies rely on BluEnt for architectural drawings, Revit modeling, shop drawings and more.

Connect with us!

Let's Talk Fixed form

Request Form - Popup
  • This field is for validation purposes and should be left unchanged.