Hacktivist group AzzaSec has recently unveiled a new Windows ransomware builder, demonstrating their ability to develop sophisticated malicious software. The announcement was made on June 23, 2024, through their Telegram channel, introducing a tool written in .NET with advanced features like SHA-512 and AES encryption.
AzzaSec’s ransomware builder boasts capabilities that make it highly elusive to detection, including successful evasion of major antivirus solutions such as Windows Defender, Avast, Kaspersky, and AVG. The group’s focus on protecting its own tool is evident in the encryption strength and anti-detection measures integrated into the builder.
Features and Functionality of the Windows Ransomware Builder
The ransomware builder not only encrypts data effectively but also includes anti-virtual machine, anti-debugging, and anti-sandbox features to thwart common security defenses. A demo video shared by AzzaSec demonstrates how decryption keys and victim information are securely stored on a centralized command-and-control (C2) server, enabling remote control and monitoring of the ransomware’s impact.
AzzaSec is selling the ransomware at prices ranging from $500 for a single-use stub to a subscription model costing up to $3000 for six months. Additionally, the source code of the ransomware builder is offered at a premium price of $5000, which allows a buyer to customize and deploy it independently.
The emergence of AzzaSec’s ransomware highlights the evolving landscape of cyber threats, particularly in the realm of ransomware-as-a-service. This model not only provides threat actors with ready-to-use tools but also commercializes cyber extortion, potentially leading to an increase in ransomware attacks worldwide.
As cybersecurity defenses continue to evolve, organizations and individuals must remain vigilant against the changing tactics of malicious actors. The rise of sophisticated technologies in cybercrime underscores the importance of proactive cybersecurity measures and robust incident response plans to mitigate the risks posed by ransomware attacks.