ransomware
#1
how to make ransomware
#2
conti and lockbit have had their sources leaked. could look at them. other ransomware source out there too. plenty of technical analysis on existing ransomwares and their functionality, from day to day operations to the encryption process. just pick your poison and search around.
#3
many ways and techs. here's basic assuming you are targeting corporate systems (this will not actually work get creative)
1) Get in.(phishing, web vulns, etc)
these next couple are in no particular order
#)Spread to other computers
#)Spread to backups
#)Exfil data(maybe ??)

3) encrypt systems with random generated key. There are two ways to keep this key secret AND random

either use pub key encryption(if you write your own make sure side channel attack is not viable) or generate the key and send to c2(encrypt this traffic)

4) If they don't pay release/sell their data if they do pay provide decryptor
5)PROFIT

tips:
Await for certain date so the malware gets backed up
Only encrypt files that have a certain extension(pdf, txr, etc, etc)
Get creative, change their background, make a gui, stop processes, etc etc.
UwU
#4
Learn how encryption algorithms work. Learn C++ (you can use other languages like C# but C++ is the standard for most ransomware). If you are infecting individual computers then don't expect to receive a large amount of money, most people don't have anything too important on their computer to pay money for and most of what they care about (like games) are on the cloud. You would be better off using their hardware resources with a stealthy Monero CPU miner. Targeting organizations is a better way of making money with ransomware (but you have to really know what you are doing).
#5
I have access to the backdoor I created and the database of a large company
can ransomware lock php or postgresql/mysql databases?
I want to lock their database and application files.
because holding pdf document data and other files is no longer effective

#6
yes most files with exceptions can be encrypted.
UwU
#7
can you help me
or maybe help sell the backdoor and database access I got
#8
Database engines like MySQL store the data in files (big surprise) and these files can be encrypted with ransomware. The issue is if the company has any legitimacy then they will have kept backups to this data so ransomware will be ineffective. If this data is sensitive then you could download it and blackmail them threatening to leak the data. Ensure that you take the necessary steps to not have this attack traced back to you for obvious reasons.