Threat Actors Announced Doubleface Ransomware, Claim It Is Fully Undetectable

In Cybersecurity News - Original News Source is cybersecuritynews.com by Blog Writer

A new ransomware variant named Doubleface has been announced by its creators. The ransomware, which boasts a range of sophisticated features, claims to be fully undetectable by major antivirus software.

According to a Dark Web Informer tweet, threat actors have announced Doubleface ransomware, which they claim is fully undetectable.

According to its creators, the Doubleface ransomware has been developed with a unique algorithm. The ransomware employs a combination of AES-128 and RSA-4096 encryption algorithms.

Each file’s AES encryption key is randomly generated and subsequently encrypted with an RSA encryption key. This dual-layer encryption is designed to make decryption exceedingly difficult without the correct RSA decryption key.

The ransomware is built using C/C++ programming languages, known for their efficiency and performance. The creators of Doubleface have released a video demonstrating the ransomware’s appearance and working principles, adding a layer of transparency to their claims.

Fully Undetectable Structure

One of the most alarming claims made by the Doubleface team is that their ransomware is fully undetectable (FUD). They assert that Doubleface has been tested on Windows 10/11 Defender, Avast, Kaspersky, and AVG and has successfully evaded detection by all these major antivirus programs.

This FUD structure poses a significant threat as it could potentially bypass existing cybersecurity measures in place at numerous organizations.

Doubleface also includes advanced features such as Anti-Virtual Machine, Anti-Debugging, and Anti-Sandbox capabilities, making it even more challenging for cybersecurity experts to analyze and mitigate its impact.

Pricing and Availability

The pricing for Doubleface ransomware is set at $500 per stub, with the fully undetectable ransomware source code available for a staggering $10,000.

The creators emphasize that no stub is required for decryption, and users must manage and remember each stub’s key. A critical warning is issued that all files will be destroyed if victims attempt to decrypt files with the wrong key.

This announcement has sent shockwaves through the cybersecurity community, highlighting the ever-evolving tactics of cybercriminals and the urgent need for robust, adaptive security measures.

As organizations brace for potential attacks, the importance of proactive cybersecurity strategies has never been more evident.
