Turkish security expert posts fully functional ransomware on Github

Posted 18 August 2015 18:25 CEST by Jan Willem Aldershoff

A Turkish security expert has posted the code of fully functional ransomware on open source hosting site Github. The currently undetectable ransomware is called ‘Hidden Tear’ and contains all the features a cybercriminal can expect from modern malware.

The malware supports encryption of files with strong AES SHA256 encryption. Once the system is infected the key is send to a server and the victim of the malware will see a text file on his desktop that contains information on how to get the files decrypted. The author of the malware also includes software that allows for decryption of files.

The actual code appears to be real although we haven’t tested it.¬†According to the expert the code has been posted for educational purposes. Nevertheless, there’s a big chance the ransomware will popup in new attacks.

MyCE Resident
Posted on: 19 Aug 15 23:02
Including malware inside of a FOSS program is quite rare. Many FOSS fanatics (such as myself) have repeatedly stated that using FOSS software as often as possible is a good way to protect one's self against malware simply because of the fact that FOSS malware is so rare.
0 Agree

Retired Moderator
Posted on: 20 Aug 15 14:15
This is the digital equivalent of handing loaded machine guns to monkeys for "educational purposes".
0 Agree

Reactions closed

Sorry, you can't comment on this item anymore. It's either too old or comments are disabled for this post.

Myce.com settings

Several settings at Myce.com can be changed, they are stored in cookies, which means they will be reset if you clear Myce.com cookies


Change the background to a plain color or trianglified image (similar to the default image)

No tracking features

At Myce most social media feature are done server side and impose no privacy risk to the visitor when not used. Several features use Javascript with you can turn off here


Switch to the List layout for an index with chronologycally listed news items or Grid layout for a block based layout. To see the change you need to reload the page