Russ Suter
asked on
How do I get ransomware?
I have a new project which involves demonstrating exactly how ransomware works. I need to set up a virtual machine with some sample data and some variant of ransomware. I need to run a live demonstration which shows what happens on a PC from the initial point of infection all the way to the point where the ransom notice is displayed. Obviously I know this is dangerous and the correct precautions will be in place to ensure that the VM is completely network isolated. Does anyone know how I can do something like this?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Find a teenager who is active on social media, and open all of the emails in his/her box.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Sorry for the late response here. I went on vacation. :)
Lots of good info here. Thank you all for your feedback. I'm still a bit nervous about trying this but I'm fairly sure that running it on an isolated VM without network access should successfully contain the problem. I'll probably look into something a little less virulent than Wanacry since pretty much any ransomware variant will demonstrate what I want to show.
Lots of good info here. Thank you all for your feedback. I'm still a bit nervous about trying this but I'm fairly sure that running it on an isolated VM without network access should successfully contain the problem. I'll probably look into something a little less virulent than Wanacry since pretty much any ransomware variant will demonstrate what I want to show.
Really TRY physically separated networks, and physically separated servers....
It is TOO EASY to make mistakes with VM's. and VLANS...
The prices is too high to make a mistake.
The machines you want to infect need to have no connection to the internet as well.
It is TOO EASY to make mistakes with VM's. and VLANS...
The prices is too high to make a mistake.
The machines you want to infect need to have no connection to the internet as well.
Ransomware FAQ - How Ransomware Infects Your Computer:
https://blog.barkly.com/how-ransomware-infects-computers
An Example of How Ransomware Works:
https://www.carbonblack.com/2016/09/19/how-ransomware-works/
This earlier thread helps you to understand how to protect yourself from Ransomware:
https://social.technet.microsoft.com/Forums/en-US/45ce0ae2-18ee-48dc-98e8-362d1744aa45/wannacry-attack?forum=securityupdateguide
Hope this helps!