Hidden Tear | |
---|---|
Technical name | Ransom.MSIL.Tear |
Type | Ransomware |
Subtype | Cryptovirus |
Classification | Trojan horse |
Origin | Istanbul, Turkey |
Authors | Utku Sen |
Technical details | |
Platform | Microsoft Windows |
Written in | C# |
Hidden Tear is the first open-source ransomware trojan that targets computers running Microsoft Windows. [1] The original sample was posted to GitHub in August 2015. [2]
When Hidden Tear is activated, it encrypts certain types of files using a symmetric AES algorithm, then sends the symmetric key to the malware's control servers. [3] However, Hidden Tear has an encryption backdoor: as Utku Sen claimed, "All my malware codes are backdoored on purpose", which allowed him to crack various samples. [4]