Summary: A new ransomware variant called Doubleface has been introduced by its creators, boasting sophisticated features and claiming to be fully undetectable by major antivirus software. With advanced encryption methods and anti-analysis capabilities, it poses a significant threat to cybersecurity.
Threat Actor: Doubleface Creators
Victim: Organizations
Key Points:
- Doubleface employs dual-layer encryption using AES-128 and RSA-4096 algorithms, making decryption extremely difficult.
- The ransomware claims to be fully undetectable by major antivirus programs, including Windows Defender and Kaspersky.
- It features advanced capabilities such as Anti-Virtual Machine, Anti-Debugging, and Anti-Sandbox to evade cybersecurity measures.
- Pricing for the ransomware is set at $500 per stub, with the source code available for $10,000, emphasizing the high stakes for potential victims.
- The announcement highlights the urgent need for organizations to enhance their cybersecurity strategies in response to evolving threats.
A new ransomware variant named Doubleface has been announced by its creators. The ransomware, which boasts a range of sophisticated features, claims to be fully undetectable by major antivirus software.
According to a Dark Web Informer tweet, threat actors have announced Doubleface ransomware, which they claim is fully undetectable.

According to its creators, the Doubleface ransomware has been developed with a unique algorithm. The ransomware employs a combination of AES-128 and RSA-4096 encryption algorithms.
Each file’s AES encryption key is randomly generated and subsequently encrypted with an RSA encryption key. This dual-layer encryption is designed to make decryption exceedingly difficult without the correct RSA decryption key.
The ransomware is built using C/C++ programming languages, known for their efficiency and performance. The creators of Doubleface have released a video demonstrating the ransomware’s appearance and working principles, adding a layer of transparency to their claims.
Fully Undetectable Structure
One of the most alarming claims made by the Doubleface team is that their ransomware is fully undetectable (FUD). They assert that Doubleface has been tested on Windows 10/11 Defender, Avast, Kaspersky, and AVG and has successfully evaded detection by all these major antivirus programs.
This FUD structure poses a significant threat as it could potentially bypass existing cybersecurity measures in place at numerous organizations.
Doubleface also includes advanced features such as Anti-Virtual Machine, Anti-Debugging, and Anti-Sandbox capabilities, making it even more challenging for cybersecurity experts to analyze and mitigate its impact.
Pricing and Availability
The pricing for Doubleface ransomware is set at $500 per stub, with the fully undetectable ransomware source code available for a staggering $10,000.
The creators emphasize that no stub is required for decryption, and users must manage and remember each stub’s key. A critical warning is issued that all files will be destroyed if victims attempt to decrypt files with the wrong key.
This announcement has sent shockwaves through the cybersecurity community, highlighting the ever-evolving tactics of cybercriminals and the urgent need for robust, adaptive security measures.
As organizations brace for potential attacks, the importance of proactive cybersecurity strategies has never been more evident.
Source: https://cybersecuritynews.com/doubleface-ransomware-claims