win.hiddentear

HiddenTear

aka: Cryptear, FuckUnicorn

HiddenTear is an open-source ransomware developed by a Turkish programmer and later released as a proof of concept on GitHub. The malware generates a local symmetric key to encrypt a configurable folder (/test was the default) and sends the key to a centralized C&C server. Because of its small payload, it was used as a real attack vector in email phishing campaigns. Variants are still used in attacks.

References
2021-11-04 | CrowdStrike | Eric Loui, Josh Reynolds
CARBON SPIDER Embraces Big Game Hunting, Part 2
BlackMatter Griffon BlackMatter DarkSide HiddenTear JSSLoader
2020-05-26 | Bleeping Computer | Ionut Ilascu
New [F]Unicorn ransomware hits Italy via fake COVID-19 infection map
HiddenTear
2020-05-25 | Twitter (@JAMESWT_MHT) | JamesWT
Tweet on FuckUnicorn instance of HiddenTear
HiddenTear
2019-10-26 | Dissecting Malware | Marius Genheimer
Earn-quick-BTC-with-Hiddentear.mp4 / About Open Source Ransomware
HiddenTear
2018-01-09 | Twitter (@struppigel) | Karsten Hahn
Tweet on HiddenTear Sample
HiddenTear
2017-08-21 | Utku Sen Blog | Utku Sen
I'm Sorry For Hidden Tear and EDA2
EDA2 HiddenTear
2017-06-12 | SlideShare | Christopher Doman
Open Source Malware - Sharing is caring?
HiddenTear
2016-03-20 | Tripwire | Tripwire Guest Authors
Hidden Tear Project: Forbidden Fruit Is the Sweetest
HiddenTear
2016-01-25 | Bleeping Computer | Lawrence Abrams
Hidden Tear Ransomware Developer Blackmailed by Malware Developers using his Code
EDA2 HiddenTear
2015-08-18 | Github (goliate) | goliate
ransomware open-sources
HiddenTear

There is no Yara-Signature yet.