A ransomware development kit from China allows anyone interested to customize their own ransomware for Android. Coding skills are not necessary, only requiring the user to fill out a form.
It usually requires coding skills (and a lot of experimentation and patience) to be able to create good software. This is also true for cybercriminals, who come up with different ransomware variants which vary in encryption process and attack vectors. However, a new development tool has recently been made available on hacking discussion boards, which now allows anyone interested to customize their own crypto-malware and spread it around for profit.
According to a report by Dinesh Venkatesan of Symantec, the Trojan Development Kit app for Android comes in an easy-to-use interface. It is being distributed through popular social networking sites in China. « The entire process of creating a ready-to-use piece of malware is done on a smartphone without any requirement to write a single line of code. » All a user needs to do is choose the customization they want on the form provided.
The app can customize the ransom note, decryption key, icon, mathematical operations for the code, and the type of animation to be played on the host device. Once all the information has been filled in, the user hits the « Create » button. At this point, they are given a direct chat with the app developer to discuss a one-time payment. After this is done, users can now proceed, and spawn as many variants as they like.
Symantec’s blog post notes that while the ransomware creator app is aimed at Chinese-speaking users, modifying the interface language is simple, and the tool will be very likely offered in other dialects in the future.
« These apps are not just useful for aspiring and inexperienced cyber criminals as even hardened malware authors could find these easy-to-use kits an efficient alternative to putting the work in themselves, » Venkatesan explains. « We expect to see an increase in mobile ransomware variants as these development kits become more widespread. »
Indeed, the ransomware-as-a-service system has made it easy for criminals to distribute malware for their own profit. Back in 2016, Ransom32 developers allowed those interested to customize their own crypto-malware. Those behind Petya and Mischa also offered profit by spreading their ransomware.
All things considered, to protect against threats on mobile devices, it is recommended to refrain from downloading apps from sketchy or unofficial websites. Using a security and backup solution can help, in order to ensure full defense against ransomware and other threats.
Source: Symantec via ZDNet