Hey you,
BE IN THE KNOW!

35,000 ransomware infections per month and you still believe you are protected?

Sign up to receive:

  • alerts
  • news
  • free how-to-remove guides

of the newest online threats - directly to your inbox:


ShinoLocker Ransomware Simulator – The Penetration Test Ransomware

ransomware-on-focus-sensorstechforumAES-128 has been used by this ransomware created for Black Hat 2016 presentation. This “beautiful” piece of malware uses a C&C server that provides the decryption key of the files ShinoLocker has encrypted for free. It has been made primarily for people to study the activities of ransomware and hence hopefully increase the ransomware awareness and protection mechanisms worldwide. This is surely a great start of this imaginary defensive borderline which aims to protect users and businesses against this new type of crime which has seen a revolutionary rise. We have decided to look into this virus created by Shota Shinogi from Japan and explain what it does for an informative purpose.

Threat Summary

Name

ShinoLocker

TypeRansomware Simulator.
Short DescriptionThis ransomware simulator, created for penetration testing encrypts files of affected users, leaving them unopenable. Uses an AES-128 cipher. It doesn’t require any payoff for file decryption and provides everything on the website shinolocker.com
SymptomsEncrypts the files changing their icon to a green padlock icon. Encrypted files can no longer be opened.
Distribution MethodVia conventional ransomware replication methods.
Detection Tool See If Your System Has Been Affected by ShinoLocker

Download

Malware Removal Tool

User ExperienceJoin our forum to Discuss Cerber Ransomware.
Data Recovery ToolWindows Data Recovery by Stellar Phoenix Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only few of them, depending on the situation and whether or not you have reformatted your drive.

ShinoLocker Ransomware Simulator In Depth

Typical for a ransomware virus, ShinoLocker uses a strong algorithm to encrypt files – AES cipher with a 128-bit encryption. The malicious file of the virus can be downloaded from the official website of ShinoLocker – shinolocker.com:

shinolocker-website-sensorstechforum

Similar to the ransomware viruses sold illegally online as ransomware kits, ShinoLocker’s creator has made it possible that the user can modify what will be encrypted and what he or she wants the fake virus to do:

build-virus-sensorstechforum

As soon as the green “Build” button is clicked, the virus is downloaded as an executable on the simulated victim’s computer.

shinolocker-exe-sesnorstechforum

After infection, the files are encrypted, and they can no longer be opened. The creator of this virus has kindly published a decryption key page where the simulated victims can paste their identification and decryption key and hence unlock their files and make them usable again:

shino-key-to-decrypt-sensorstechforum-shinolocker

We strongly advise users who will be focused on downloading and using ShinoLocker ransomware for penetration testing or just if they want to research and see how it works, to do it either on a virtual drive or a computer where they do not keep important files, despite everything.

Furthermore, for the encryption to work successfully and they AES key to be generated without a hic-up, researchers suggest disabling any antivirus protection since this virus

If you are doing research on the virus, instead of wasting your time and downloading its files to check the infection process, we urge you to watch this video on YouTube instead.

How May Ransomware Like ShinoLocker Distribute

Viruses like ShinoLocker use different methods to spread. For cyber-criminals as long as the malicious file of the virus is dropped onto the hard-drive of your computer, the method is liable. This is why they often turn to different methods to spread ransomware:

  • E-mail spam.
  • Referral spam on websites.
  • Skype spam.
  • Facebook spam.
  • Other malware.
  • Hands-on approach.
  • Rely on PUPs and adware to cause redirects on affected computers.

Whatever the case may be and from any direction, the attack may come, users should be aware that there are certain tips we recommend following to stay protected from ransomware nowadays:

1. Follow these general protection tips.
2. Download an advanced malware protection program.

Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter

3. Download a relevant ransomware protection program.
4. Download a relevant cloud backup program that backups copies of your files on a secure server and even if your computer is affected you will stay protected.

ShinoLocker and Ransomware In General – Conclusion

Ransomware viruses have become even a greater menace that they were the previous years they have been created. The so-called cyber-crime syndicates have arisen to make money illegally making this a new chapter in the organized crime segment. Since the attacks are so-many, white hat hackers and malware researchers are desperately fighting against ransomware, but they are hopeless against the military grade encryption algorithms created to protect us from ourselves. The best thing that can be done is to unite and raise awareness as well as mutually develop newer and newer protection methods and pay serious attention on the ransomware menace, because nowadays this is a war directly brought to our homes and computers.

Vencislav Krustev

A network administrator and malware researcher at SensorsTechForum with passion for discovery of new shifts and innovations in cyber security. Strong believer in basic education of every user towards online safety.

More Posts - Website

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.