[ad_1]
A developer has created an open source anti-ransomware tool called RansomLord. This software automates the creation of PE files exploiting ransomware vulnerabilities before they are encrypted. Its creator made it public on GitHub.
We are never better served than ourselves when it comes to the security of our data. “ I created RansomLord to demonstrate that ransomware is not invincible, that it has vulnerabilities, and that its developers make mistakes like everyone else “. A simple observation which gives birth to a genius idea, resulting from enormous work by a developer, Hyp3rlinx, who created RamsomLord from scratch, a tool capable of countering ransomware by exploiting their flaws before they encrypt the data.
This software deploys exploits to defend computer networks. Its first target was LockBit ransomware (flaw MVID-2022-0572). And the icing on the cake, he shares RansomLord as open source, on GitHub.
RansomLord: A powerful tool to fight ransomware
RansomLord exploits DLL hijacking tactics commonly used by cybercriminals. It automates the creation of PE files by exploiting ransomware vulnerabilities before encrypting them. PE (Portable Executable) files are executable files on Windows systems that contain the code of programs and applications.
Its “-m” flag helps map threats to vulnerable DLLs, thereby targeting ransomware aimed at a specific organization or industry. By exposing the flaws in these malware, the tool forces their developers to refactor their code to fix the vulnerabilities. Hackers, busy getting their hands dirty in their dirty work, give security teams time to ward off attacks. A time saving that we know is precious.
RansomLord currently exposes 12 DLL files to defend against 49 ransomware families, such as _cryptsp.dll_ which alone defeats 15 variants including Yanluowang, Conti and LokiLocker. It takes advantage of the high rate of malware suffering from this attack vector to neutralize other threats such as Trojans and information stealers, like Emotet (MVID-2024-0684).
RansomLord freely available on GitHub
Hyp3rlinx has chosen to share RansomLord for free on the GitHub platform, probably the most popular software development hosting and management web service, although also vulnerable, as evidenced by the security breach in April 2024 which allowed hackers to distribute… malware on the platform. It uses Git, a decentralized version control software, for tracking changes in source files. Developers can therefore collaborate on projects from anywhere. This decision allows everyone to access this powerful anti-ransomware tool.
By making RansomLord open source on GitHub, hyp3rlinx offers the community the opportunity to study, improve and adapt this software to their specific needs. This will help you stay one step ahead of ever-evolving ransomware. Any organization or individual faced with this threat will now be able to protect themselves effectively thanks to RansomLord and its Robin Hood 3.0. Moreover, hyp3rlink is not the only “nice hacker” working for the good of personal data and user security. In April 2024, a team created PedoRansom, malware that traps users who view child pornography content. A little earlier, the cyberattack on Lyon Terminal was committed by the 8base gang, who call themselves “ honest “.
Download
- Category: Application development
The essential free tool for Git version and repository management. It allows you to handle a complex file system as part of a development project.
The essential free tool for Git version and repository management. It allows you to handle a complex file system as part of a development project.
Source : HelpNet Security, RansomLord on GitHub
[ad_2]
Source link -99
7