Paradise ransomware source code shared on hacker forum
The Paradise ransomware source code has been shared publicly on the XSS.is forum, where any active member can download it. XSS.is is a forum for hackers, mostly Russian hackers.
Security researcher Tom Malka downloaded the source code, compiled it, and confirmed that it produces three executables. The first is the ransomware configurator, the second is the encryptor, and the third is the decryptor.
Comments in Russian are scattered throughout the source code, which shows that the author of this ransomware uses Russian.
Once they have the source code, hackers can create their own custom ransomware. Customizable settings include the control server, the extension given to encrypted files, and the contact email address.
Once customization is complete, the hacker can deploy the ransomware and distribute it to victims.
Welcome to Paradise
Paradise ransomware first appeared in September 2017, spread through phishing emails containing malicious IQY attachments. When the victim clicks on the attached file, the ransomware is downloaded and installed on the victim's machine.
Over time, many versions of Paradise have been released, because the first versions contained vulnerabilities that allowed security experts to decrypt files easily. Newer versions of Paradise use RSA encryption, so they are much more difficult to decrypt.
According to Michael Gillespie, the creator of the decryptor for the first version of Paradise, the Paradise ransomware has the following versions:
- Paradise - The original version, which contained flaws
- Paradise .NET - A secure .NET version that switches to the RSA encryption algorithm
- Paradise B29 - A variant that only encrypts the end of the file
Paradise was heavily distributed from September 2017 to January 2020, after which its activity suddenly dropped off. Since then, it has been very rare to see computers infected with this ransomware.
Paradise may return now that the source code has been shared publicly.