A Home-made Open Source Ransomware Is Destroying User’s Files

hidden tear ransomware image
hidden tear ransomware image

hidden tear ransomware imageShort Bytes: A home-made ransomware open source code on GitHub, which was supposed to work for the educational purposes, has spread in the wild. It seems that the intention of the maker was something different along the way.

Hidden Tear ransomware was open-sourced by a Turkish security group Otku Sen. This ransomware infects users by encrypting their files and losing the encryption key along the way — thus rendering all files unrecoverable. According to some, this was to fool the developers of ransomware as a honeypot.

This code was put on Github to lure the developers so that they are saved from creating their own ransomware code and can easily use this code. This hidden Tear contained a crypto flaw that would allow the researcher to decrypt files later on if someone ever used his code.

Earlier, the maker of Hidden Tear said:

While this may be helpful for some, there are significant risks. Hidden tear may be used only for Educational Purposes. Do not use it as a ransomware! You could go to jail on obstruction of justice charges just for running hidden tear, even though you are innocent.

In another case of the same Turkish security group Otku Sen, a website from Paraguay was hacked where the users were redirected to a fake Adobe Flash look-a-like website that spread a booby-trapped Flash Player update.


Users that downloaded this update would see the file launch into execution as soon as it finished downloading, and in a matter of minutes they would be infected with a crypto-ransomware that encrypted the most of their data files.

A badly encrypted ransomware’s incident has not taken place for the first time. Last year in November, a version of the Power Worm ransomware managed to lose the encryption key of the users resulting into permanently locking user files.

For more information on Hidden Tear ransomware, visit Trend Micro’s blog.

Similar Posts