16 June 2021

Paradise ransomware source code leaked on XSS hacker forum


Paradise ransomware source code leaked on XSS hacker forum

The source code for the Paradise ransomware has been released on the Russian-speaking hacker forum XSS. The source code was first spotted by Tom Malka, the senior threat intelligence analyst at cybersecurity firm Security Joes, who shared the finding with BleepingComputer.

Malka compiled the source code and discovered that it creates three executables, the ransomware configuration builder, the encryptor, and a decryptor.

The analysis of the source code revealed it contained Russian comments, giving an inkling of the origin of a developer behind the ransomware.

The Paradise ransomware operation first launched in 2017 and was active until 2020 when the gang’s activities significantly dropped. Over the years, multiple Paradise versions were released, including a .NET version that implemented RSA encryption.

According to the security researcher Michael Gillespie, the leaked source code is for the secure version of Paradise ransomware that uses RSA encryption to encrypt files. Cybercriminals could develop their own ransomware based on this source code and use it to conduct ransomware attacks.

Back to the list

Latest Posts

NSA publishes guidance on how to secure wireless devices in public settings

NSA publishes guidance on how to secure wireless devices in public settings

The agency advises to avoid connecting to public Wi-Fi, and use a corporate or personal Wi-Fi hotspot with strong authentication and encryption whenever possible.
30 July 2021
Death Kitty ransomware reportedly behind the attack on South African ports

Death Kitty ransomware reportedly behind the attack on South African ports

The attackers claim they encrypted the company’s files, including 1TB of personal data, financial reports and other documents.
30 July 2021
New destructive wiper malware linked to recent Iranian railway attack

New destructive wiper malware linked to recent Iranian railway attack

The Meteor wiper was developed in the past three years and seems to be designed for reuse in multiple campaigns.
30 July 2021