Case Study of Ransomware Malware Hiding Using Obfuscation Methods

Abstract

Ransomware problem recently proves to be a quite danger threat that after its launching ciphers the user files while storing and hiding the decryption key until a ransom is paid by the victim. This type of malware has been a lucrative business for cybercriminals and black hats. The ransomware spreading is easily possible because of the lack of prevention mechanisms in traditional detection-based protection, such as antivirus and anti-malware. Additionally, this malware forms incorporate advanced encryption algorithms and expand the number of file types in their target systems. Encrypting ransomwares target all types of businesses as well as the personal computers connected to the network. This paper discusses the creation and whole life cycle of the ransomware malware, ransomware design and implementation with DDE exploit in Python language and REST API in PHP completed with MySQL database.