Thursday, July 21, 2016

Most ransomware involves encrypting the host's data and then demanding a ransom for decryption.
I was trying to think of a less complicated way to achieve the same effect with less code and fewer necessary permissions.

Instead of encrypting the data or transferring it to the attacker's computer, why not just keep it on the victim's machine and hide it, with only one line of code?

mv -f /home ./Documents/.testy

Here the target's home directory is moved to a hidden directory in a different folder. An attacker could simply tell the victim that the data has been taken and demand a ransom; it is unlikely that the victim would think that someone would pull such a simple trick on them. However, it's a one-trick pony, so it's a bit lacking in the usefulness department.
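
For a responder, the practical consequence is to look for the data on the machine before assuming it was encrypted or taken. The shell sketch below is an added example, not code from the original post: it lists hidden directories whose children look like user home directories. The function names, the dotfile markers and the sample tree are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: triage helper that looks for a relocated /home tree.
# Heuristic (assumption): a hidden directory whose children, one or two
# levels down, carry shell dotfiles is likely a moved /home.

# find_hidden_homes ROOT [MAXDEPTH]
# Prints "<hidden dir><TAB><number of home-like children>" per finding.
find_hidden_homes() {
    root=$1
    depth=${2:-4}
    find "$root" -maxdepth "$depth" -xdev -type d -name '.*' \
        ! -name '.' ! -name '..' 2>/dev/null |
    while IFS= read -r dir; do
        hits=0
        # */ covers "mv /home X" when X did not exist; */*/ covers the
        # case where X existed and /home landed inside it as X/home.
        for child in "$dir"/*/ "$dir"/*/*/; do
            [ -d "$child" ] || continue
            for marker in .bashrc .profile .bash_history; do
                if [ -e "$child$marker" ]; then
                    hits=$((hits + 1))
                    break
                fi
            done
        done
        if [ "$hits" -gt 0 ]; then
            printf '%s\t%s\n' "$dir" "$hits"
        fi
    done
    return 0
}

# Constructed sample layout mirroring the post's command (not real data).
make_demo_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/Documents/.testy/alice" "$t/Documents/.testy/bob" \
             "$t/Documents/.cache/thumbs"
    : > "$t/Documents/.testy/alice/.bashrc"
    : > "$t/Documents/.testy/bob/.profile"
    printf '%s\n' "$t"
}

demo=$(make_demo_tree)
find_hidden_homes "$demo"   # reports only Documents/.testy
rm -rf "$demo"
```

On a real host, point it at `/` with a larger depth and run it as root so unreadable directories are not skipped.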

