Malware Alert LMAOxUS Ransomware: Another Case of Weaponized Open Source Ransomware

Discussion in 'News Archive' started by Solarquest, Apr 6, 2017.

  1. Solarquest

    An Indian developer is playing around with an open source ransomware builder, which in the long run may end up causing serious problems for innocent users.

    This developer, who goes by the nickname of Empinel and claims to be based in Mumbai, has forked the open source code of the EDA2 project, and with the help of another user, has removed the backdoor hidden in EDA2's original code.

    His work started back in May 2016, when he tinkered with EDA2's source code and renamed the project to Stolich, modifying certain aspects of EDA2's encryption.

    He received help in September 2016 when another "friendly" developer pushed a pull request to the Stolich repo that removed the EDA2 backdoor code.


    While people work on malware code on GitHub all the time, a fully-functional version of the EDA2-based Stolich ransomware popped up on VirusTotal two days ago.

    Stolich used in "production"