A Case Study – Hermit Wiper Malware and Methods to Protect Yourself
Malware and worms have emerged as market assets on the dark market. A newly introduced service there is "Malware as a Service" for malicious contenders. It allows coders with little to no knowledge to achieve very big hacks with very minor financial risk. One popular form of malware as a service is ransomware, which is frequently traded on the dark market with excellent contact and feedback support. A recent development is the addition of new modules that leak data to online sources or put the data up for sale to attract buyers. Data leakage can cause serious issues for an organization, such as poor performance, legal liability, reputation damage, and loss of trust in the company. In this work, we evaluate Hermit Wiper, which contains Windows protocol exploits and ransomware as a party ticket. We list the technical details that provide evidence of the malicious activities it performs after getting into the system. We also mention tools for extracting strings using the default Linux libraries and for listing the imports and exports of the files. Lastly, we list protection mechanisms and provide many scripts to remove vulnerable ports from the system, in order to stay safe from these exploits.