A threat actor is promoting a new version of the free-to-use ‘Redeemer’ ransomware generator on hacker forums, offering unskilled threat actors an easy entry into the world of encryption-backed extortion attacks.

Earlier this month, Cerebrate, the developer of the Redeemer malware, released its new version Redeemer 2.0 with updated features on a dark web hacker forum. In their post, Cerebrate stated that Redeemer is coded in C++. The author made the Redeemer package accessible on Dread, including the build.dat, decryptor, and affiliate toolkit files.

The ransomware was created to work only on Windows operating systems from Vista onwards and must be run as administrator to infect the victim’s system. It features multi-threading support for performance and a medium AV detection rate. What makes this dangerous is that anyone can download the Redeemer ransomware generator for free. The author takes 20% of the fees if any victim pays the ransom. It then shares a private build key for encryption and specifies email addresses for further communication, though of course we would never recommend doing this.

The new version of the ransomware creator features many additions such as Windows 11 support, GUI tools and more communication options such as XMPP and Tox Chat.

Additionally, there is now a campaign ID tracking system, which aggregates the data into the executable, allowing threat actors to see various campaigns they may run.

It is very important to take security measures to prevent attacks from this and other types of ransomware, because it is an easy tool to obtain and we know that many people will want to take advantage of it.

