Ransomware Attack Simulation

  • Published 23 Jan 2022
  • Lockard Security conducted a ransomware simulation that started by exploiting a fully patched and updated Windows 10 Pro system running Office 2021. The exploit used a Word document that established a reverse TCP shell (the victim connecting out to the attacker's listener). From there, Lockard Security set up persistence by backdooring Google Chrome and deployed ransomware. The ransomware attack was successful and moved laterally into different subnets by abusing the trust between zones. For a security assessment by Lockard Security, contact us at www.lockardsecurity.com to schedule your assessment today.
  • Science & Technology
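The description names three stages a defender can look for in endpoint telemetry: an Office document launching a shell, a replaced Chrome binary as persistence, and cross-subnet lateral movement. The detector below is an added example written for this page, not code from the video or from Lockard Security. It runs over constructed Sysmon-style records (event ID 1 process create, event ID 3 network connect); the hostnames, hashes, ports and the 10.10.0.0/24 workstation subnet are assumptions chosen for the example.

```python
"""Added detection example (not from the video or Lockard Security): flag the
stages named in the description -- Office spawning a shell, a tampered Chrome
binary, and cross-subnet lateral movement -- in Sysmon-style events.
Event IDs follow Sysmon (1 = process create, 3 = network connect); all sample
events, hostnames, hashes and subnets below are constructed."""
import ipaddress

OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SHELLS = {"cmd.exe", "powershell.exe", "pwsh.exe", "wscript.exe",
          "cscript.exe", "mshta.exe", "rundll32.exe", "regsvr32.exe"}
LATERAL_PORTS = {135, 445, 3389, 5985, 5986}        # RPC, SMB, RDP, WinRM
WEB_PORTS = {80, 443}
USER_SUBNET = ipaddress.ip_network("10.10.0.0/24")  # assumed workstation zone
# Assumed baseline hash of the legitimate chrome.exe; in practice this comes
# from a software inventory or the vendor's signed binary.
BROWSER_BASELINE = {"chrome.exe": "ABCD0000"}


def basename(image: str) -> str:
    """Lower-cased file name of a Windows image path."""
    return image.rsplit("\\", 1)[-1].lower()


def detect(events):
    """Return (rule, host, detail) tuples, one per matching event, in input order."""
    alerts = []
    for ev in events:
        host = ev["Computer"]
        image = basename(ev["Image"])
        if ev["EventID"] == 1:
            parent = basename(ev["ParentImage"])
            # Stage 1: the macro-bearing document launches an interpreter.
            if parent in OFFICE_APPS and image in SHELLS:
                alerts.append(("office_spawned_shell", host, f"{parent} -> {image}"))
            # Stage 2: a browser binary whose hash no longer matches the baseline.
            expected = BROWSER_BASELINE.get(image)
            if expected and ev.get("Hash") != expected:
                alerts.append(("tampered_browser_binary", host, ev["Image"]))
        elif ev["EventID"] == 3:
            src = ipaddress.ip_address(ev["SourceIp"])
            dst = ipaddress.ip_address(ev["DestinationIp"])
            port = int(ev["DestinationPort"])
            # Reverse shell: an interpreter connecting out on a non-web port.
            if image in SHELLS and port not in WEB_PORTS:
                alerts.append(("shell_outbound_connection", host, f"{dst}:{port}"))
            # Stage 3: workstation zone reaching admin ports in another internal subnet.
            if (src in USER_SUBNET and dst not in USER_SUBNET
                    and dst.is_private and port in LATERAL_PORTS):
                alerts.append(("cross_subnet_lateral_movement", host,
                               f"{src} -> {dst}:{port}"))
    return alerts


# Constructed sample telemetry: four malicious events on WS01, two benign on WS02.
SAMPLE_EVENTS = [
    {"EventID": 1, "Computer": "WS01",
     "ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe", "Hash": "1111AAAA"},
    {"EventID": 3, "Computer": "WS01",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "SourceIp": "10.10.0.25", "DestinationIp": "203.0.113.5", "DestinationPort": 4444},
    {"EventID": 1, "Computer": "WS01", "ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Program Files\Google\Chrome\Application\chrome.exe", "Hash": "FFFF9999"},
    {"EventID": 3, "Computer": "WS01", "Image": "System",
     "SourceIp": "10.10.0.25", "DestinationIp": "10.20.0.7", "DestinationPort": 445},
    {"EventID": 1, "Computer": "WS02", "ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Program Files\Google\Chrome\Application\chrome.exe", "Hash": "ABCD0000"},
    {"EventID": 3, "Computer": "WS02",
     "Image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "SourceIp": "10.10.0.26", "DestinationIp": "203.0.113.80", "DestinationPort": 443},
]

if __name__ == "__main__":
    for rule, host, detail in detect(SAMPLE_EVENTS):
        print(f"{host}: {rule} ({detail})")
```

The Office-to-shell rule is the cheapest and most reliable of the four; the hash baseline needs refreshing on every browser update, and the lateral-movement rule assumes the zone boundaries are known, which is exactly the trust relationship the description says was abused.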

Comments • 73

  • @SamuraiJack1881 2 years ago +2

    Thank you for everything bro, have a good job.

  • @marvinokapo3321 1 year ago +10

    Hey mate, the Infection-Simulation document that you used to maintain the connection and to upload the malware to the victim machine, where did you get it from? (Educational purposes.) Thanks.

  • @user-li3hv4ok7t 2 months ago +2

    I would be thankful if you could give a link to your research with all the commands you used for the persistence part, of course just for educational purposes.

  • @alexbrasilia6459 7 months ago +6

    Do you have a paid course so we can learn step by step about this?

  • @Dr.Yuzerssif 6 months ago

    Thank you for this video. I need your help. My laptop was exposed to a JAWR ransomware attack. I see that you are an expert in this field. I hope you can help me solve this complex problem. Thank you very much in advance.

  • @udohpele1696 2 years ago +1

    Thanks for this demo. One question please: if the user is not a local admin and is unable to run the file after clicking, will the hack still be successful?

    • @lockard452 1 year ago +1

      Hi, I'm sorry for the delayed response as I'm just now seeing your question. A non-admin user would still be able to open this file. In doing so the malicious code would still run, however it would be in the context of the user's permissions. When this happens, the attacker must do a privilege escalation attack to get admin / root access.

  • @magnese7993 2 months ago

    Which Kali tool did you use?

  • @jaydave4696 1 year ago +1

    Hey! It's an absolutely amazing video... but how can I get this code for my ransomware project? Can you reply please?

  • @rersheed 1 year ago

    Hi! I have been trying to simulate ransomware traffic for testing a countermeasure but I couldn't. How can I simulate WannaCry ransomware traffic?
    Best regards

  • @conan5890 1 year ago +8

    Nice video, explanation and demonstration.
    I think you should try again against a computer that has a paid antivirus license (e.g. ESET etc.).
    The free version of Windows Defender has nothing in order to defend against any attack.

    • @detective5253 1 year ago +1

      This is an interesting technique and somehow similar to signed malware with a company's private signing key, typically used to backdoor whitelisted applications. Modern cyber sec is getting way more sophisticated than ever.

    • @starboyy__y 9 months ago

      I was also looking for that type of video bro 🥲

  • @meowtrox1234 8 months ago

    How about if you have a dynamic IP address? Will ransomware be possible?

  • @MAG320 8 months ago +15

    I would like to see how the ransomware was created (for ed purposes) so I can provide a debrief to a couple of clients.

  • @InternetVet 2 months ago

    Just drop all inbound connections on ports 5985 & 5986 to prevent this?
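As an added illustration that is not part of the thread: the description says the Word document established a reverse TCP shell, which is the victim connecting out to the attacker, so a rule on inbound 5985/5986 (WinRM) never sees that connection. The policy evaluator below is example code written for this page, not anything from the video; the rule format, the 203.0.113.5 listener, the 10.10.0.0/24 user zone, the 10.10.0.10 proxy and the 10.20.0.7 target are all constructed.

```python
"""Added example (not from the video or the thread): evaluate a simplified
host-firewall policy against the connections the simulation implies.  A reverse
TCP shell is the victim connecting OUT to the attacker's listener, so an inbound
rule never matches it.  Rule format, addresses and ports are constructed."""
from dataclasses import dataclass
import ipaddress


@dataclass(frozen=True)
class Conn:
    direction: str   # "in" or "out", from the protected host's point of view
    remote_ip: str
    port: int


@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "drop"
    direction: str                   # "in", "out" or "any"
    ports: frozenset = frozenset()   # empty = any port
    remote: str = "0.0.0.0/0"        # CIDR the remote address must fall in

    def matches(self, c: Conn) -> bool:
        return (self.direction in ("any", c.direction)
                and (not self.ports or c.port in self.ports)
                and ipaddress.ip_address(c.remote_ip) in ipaddress.ip_network(self.remote))


def verdict(policy, conn, default="allow"):
    """First-match evaluation, as most host firewalls do it."""
    for rule in policy:
        if rule.matches(conn):
            return rule.action
    return default


# Constructed scenarios: the reverse shell from the description, the inbound
# WinRM the comment asks about, and SMB from the user zone into another subnet.
SCENARIOS = {
    "reverse_shell": Conn("out", "203.0.113.5", 4444),
    "inbound_winrm": Conn("in", "203.0.113.5", 5985),
    "lateral_smb":   Conn("out", "10.20.0.7", 445),
}

# Policy A: only what the comment proposes (drop inbound WinRM).
INBOUND_WINRM_ONLY = [Rule("drop", "in", frozenset({5985, 5986}))]

# Policy B: default-deny both directions; egress allowed only to assumed
# internal services (web proxy 10.10.0.10, DNS and AD inside 10.10.0.0/24).
DEFAULT_DENY = [
    Rule("drop", "in"),
    Rule("allow", "out", frozenset({3128}), "10.10.0.10/32"),
    Rule("allow", "out", frozenset({53}), "10.10.0.0/24"),
    Rule("allow", "out", frozenset({88, 135, 389, 445}), "10.10.0.0/24"),
    Rule("drop", "out"),
]


def evaluate(policy):
    """Verdict for every scenario under the given policy."""
    return {name: verdict(policy, conn) for name, conn in SCENARIOS.items()}


if __name__ == "__main__":
    print("inbound WinRM only:", evaluate(INBOUND_WINRM_ONLY))
    print("default-deny:      ", evaluate(DEFAULT_DENY))
```

Policy A stops only the inbound WinRM case; the reverse shell and the SMB hop into the other subnet are both allowed because nothing restricts egress. Policy B drops both, at the cost of having to enumerate the destinations a workstation legitimately needs. A host-level egress rule is a simplification of the zone segmentation the description says was abused; it does not replace filtering at the zone boundary.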

  • @zilverfox-wu1yd 1 year ago +1

    I assume you made a backdoor first, just how do you crypt it in Kali Linux plus exploit?

    • @lockard452 1 year ago

      It's a broken macro technique, I recommend taking the OSEP training to learn more about this method. I avoid using crypters as they are easily flagged as suspicious.

    • @zilverfox-wu1yd 1 year ago

      @lockard452 okay thanks lol

    • @kasinoFlow 11 months ago

      @lockard452 I want to learn more about hacking, can you make a Discord by any chance?

  • @paradownload2051 7 months ago

    Sir, can I have a copy of that simulation? For educational purposes, I'm into cybersec right now.

  • @rafaelsandoval6472 2 years ago

    Do you have a video where you put the malicious code into the macro file? Thank you

    • @lockard452 1 year ago +1

      Hi, I'm sorry for the delayed response as I'm just now seeing your question. No I do not, the main reason for that is so AV vendors don't pick up some of my methods. That said, this one is already being detected, which is expected over time. I'll consider creating more videos on the entire process, start to finish, along with diving deeper into the code and methods used.

  • @littleghoost 8 months ago

    How to disable antivirus before infecting?

  • @Gm-Rifat 11 months ago

    What kind of mail are you using? How can I use it? Is it free?

  • @elelipappa3102 2 months ago +4

    Can you make a tutorial on how to create such ransomware? (Love your content)

  • @mrgermanyhd 1 year ago

    How did you make it without WinDef or AV noticing or alarming? Can you tell me in 1-2 sentences how this exploit works and what I need to do? (educational purposes only)

    • @zilverfox-wu1yd 1 year ago +1

      crypter

    • @lockard452 1 year ago +3

      Hi, I'm sorry for the delayed response as I'm just now seeing your question. It requires creating the payload in a way that is unique, without any suspicious indicators that would get flagged. Most crypters are easily detectable as suspicious. It requires a lot of testing, trial and error. For example, the methods I used here no longer work, therefore you have to always continue to evolve the payloads to stay one step ahead of the detection engines.

  • @shadowsalah1484 3 months ago

    Hey guys, do hackers control ransomware with a C&C server?

  • @gernot4490 1 year ago

    Does Kaspersky allow opening the infected Word doc at the beginning of the vid? I don't think so, so it's preventing the ransomware attack?

    • @jacvbtaylor 2 months ago

      That probably all depends on the exploit in the doc

  • @ronwurdesagendasises9249 1 year ago

    How do you make this Word document without macros?

    • @lockard452 1 year ago +1

      It's a broken macro technique. I recommend taking the OSEP training to learn more about this method.

  • @hack-talk9098 2 years ago +1

    Start with the full video so I learn how to create the payload and listener

    • @lockard452 1 year ago

      I'll be creating an updated video with full end-to-end coverage which will show the latest and greatest processes and methods.

  • @sreerahul6663 1 year ago

    Hi bro
    If a PC is infected with a ransomware virus, how to decrypt it? Please do a video

    • @HiChicken-zj7yc 9 months ago

      you can't, pay or format your PC

  • @BlueZackMuthey 9 months ago

    How did you get access to the target's computer?

    • @BlockImmigrants 8 months ago

      The link the victim clicked gave away the IP address, and with the IP, the hacker can basically access the victim.

    • @TK-od8hd 7 months ago

      @BlockImmigrants so a firewall rule will block this connection?

    • @issho8885 7 months ago

      @TK-od8hd only if the attacker IP was known beforehand and it was put in the rule

  • @networksolucoes7537 3 months ago

    Very good presentation!!

  • @a6eu 1 year ago

    Hello Lord, I have a final project tomorrow, and I need to demonstrate this attack to get bonus points, I really need this. Can you help me, plsss?!!

    • @lockard452 1 year ago

      Dang, I'm just now seeing this comment! Hope you were able to demonstrate this for your class.

    • @thewickedmma 5 months ago

      broo help me out. I'm going through the same thing

  • @FrontendCss 7 months ago

    It's Kali Linux

  • @electragammingtech9801 1 year ago

    give me the google sheet documents

    • @lockard452 1 year ago

      You don't want it :D

  • @apitaremore9453 1 year ago +1

    how to remove ransomware??

    • @harshadsd90 10 months ago

      same question, tried all decryption methods but none work 😢😢

    • @HiChicken-zj7yc 9 months ago

      cause you can't, only the one who put it in the system can, which you're gonna need to pay for

  • @SteveRoufosse 5 months ago +1

    I bet nobody could send me a ransomware 😂

  • @robertclark2607 1 year ago

    who would use windows ge

  • @Its_A_Me._A_Mario 1 year ago

    So you don't go to jail y'all, hack a VM lol

  • @danwolf1168 1 year ago

    Instead of "hacker" you should say cyber criminal.

    • @saji002 8 months ago

      generally it's hacker

  • @mohamedamjath3884 1 year ago

    Hi, can I contact you please?

  • @user-uk3ut3qo8q 2 years ago +1

    I watched the video but still couldn't do it myself until he came to my aid👆 (the above bio on social media). Thank you