If you are looking for ways to run a malware simulator to test ransomware and other forms of malware in your environment, but don’t want to deal with the actual materials to infect your systems, look no further than the Shinosec ShinoLocker suite. This is a malware simulator and target attacking suite for penetration testers and other researchers.

The new version includes new features and components, such as a remote access Trojan simulator, a malware delivery server, a command-and-control server and a dropper.

Ransomware Without the Ransom

The idea is to test your security and protection products against the kinds of attacks that a typical piece of ransomware would conduct. ShinoLocker behaves just like a real ransomware attack, but with one important difference: It does not ask for any actual ransom money in exchange for decryption keys.

The suite was born at the 2013 Black Hat conference with a presentation by security researcher Shota Shinogi. Since then, he has augmented its features with additional tools. Everything is controlled via a web interface, making it easy to set up and configure.

Shinogi created this ransomware to help other researchers understand how malware works. The suite allows researchers to test their forensics skills by attempting to retrieve the decryption key from memory. However, the key can be easily retrieved if the tester is stuck.

A Quick, Easy, Transparent Malware Simulator

In the past, trying to run a malware simulator required advanced skill and too much time to set it up properly. Shinosec makes this process more transparent. It even includes an encrypted Trojan hidden inside an image file.


Image Source: Shota Shinogi

Penetration testers often struggle to create a sufficiently valid malware simulator. There have been other, mostly academic, projects in the past, and at least two similar tools — FakeNet and MAST — have been developed. But Shinosec is still one of the most complete toolsets available, and at no cost to boot.

Educational Value Outweighs Risk

Could a real attacker abuse this suite and easily create active malware that could damage systems? That is possible, although it would take some work to disguise the Shinosec signatures. Still, the educational value far outweighs the risk. The suite helps defenders better understand and prevent future malware attacks.

Download the complete Ransomware Response Guide from IBM X-Force

More from Mainframe

How Dangerous Is the Cyberattack Risk to Transportation?

If an attacker breaches a transit agency’s systems, the impact could reach far beyond server downtime or leaked emails. Imagine an attack against a transportation authority that manages train and subway routes. The results could be terrible. Between June of 2020 and June of 2021, the transportation industry witnessed a 186% increase in weekly ransomware attacks. In one event, attackers breached the New York Metropolitan Transportation Authority (MTA) systems. Thankfully, no one was harmed, but incidents like these are cause…

Low-Code Is Easy, But Is It Secure?

Low-code and no-code solutions are awesome. Why? With limited or no programming experience, you can quickly create software using a visual dashboard. This amounts to huge time and money savings. But with all this software out there, security experts worry about the risks. The global low-code platform market revenue was valued at nearly $13 billion in 2020. The market is forecast to reach over $47 billion in 2025 and $65 billion in 2027 with a CAGR of 26.1%. Very few,…

Starting From Scratch: How to Build a Small Business Cybersecurity Program

When you run a small business, outsourcing for services like IT and security makes a lot of sense. While you might not have the budget for a full-time professional on staff to do these jobs, you still need the services.However, while it might be helpful to have a managed service provider handle your software and computing issues, cybersecurity for small and medium businesses (SMBs) also requires a personal, hands-on approach. While you can continue to outsource some areas of cybersecurity,…

A Journey in Organizational Resilience: Supply Chain and Third Parties

The next stop on our journey focuses on those that you rely on: supply chains and third parties.  Working with external partners can be difficult. But, there is a silver lining. Recent attacks have resulted in an industry wake-up call when it comes to cybersecurity resilience. You see, the purpose of using external partners is to take advantage of a capability that your organization did not have, or the vendor was just better at than you. In turn, there was…