Post originally posted on my blog
A couple of weeks ago, I experimented with creating a small ransomware script, and looked into how to run it in ...
For further actions, you may consider blocking this person and/or reporting abuse
I've seen you program brain interface live on stage and now you're building ransomwares. I put two and two together and do not like where this is going 🧐
Very interesting - thank you. Ransomware scares me. I spent some time recently researching how I might get yourself some protection from an attack by keeping file copies in a secure location. The conclusion was depressing - it seems there's no such thing as a secure location if it's linked permanently to your machine in some way. I started with the idea that dropbox et al might be the answer, but soon gave up. I won't bore you with the details, but each month now I get an email reminding me that a scheduled dump is going to run in the wee small hours and that I need to connect my remote hard drive before it starts and disconnect same when it's finished. Is this 2022 or what?
Nice article. Wondering, how any security tool can pick things like this. If you think encryption/decryption invocations should be flagged. It's hard. How do we differentiate between genuine function vs a ransomware (like this). Will be interesting to see what the future scanner will look like!
Hello Charlie, thanks for sharing!
This is quite interesting, and as you mentioned, this is a manual step to prevent security issues, also it's important to use exact versions of these external packages/libs and people always forget that!
Thanks for the reminder <3
I’ve been uncomfortable with all these package updates since I realized things like this could be achieved a long time ago.. All this breaking module updates and now this. Great example Charlie.
Been a victim of ransomware before, didn't know it was this easy to do to anyone
Thanks!
good read
Wow that was quite interesting!
You might be interested in looking at NodeSecure/cli: github.com/NodeSecure/cli
We are working hard on providing open source tools able to detect that kind of malicious package.
amazing content keep it up
Amazing article. Thank you Charlie for sharing. One should never just install whatever package he finds online, a mistake I see gets often repeated.
Very interesting! Thank you.
Use Nodejs in Docker. Your host system remains protected at least in this type of attack.