The Doubleface ransomware group has launched its ransomware, announcing it in a Telegram message. The threat actor claims that the ransomware is fully undetectable by leading antivirus programs.
According to a recent message from the group’s Telegram channel, the Doubleface ransomware employs a unique algorithm developed by the team. Each file’s AES encryption key is randomly generated and encrypted with an RSA key. The threat actor claims that their ransomware is fully undetectable (FUD) by Windows Defender, Avast, Kaspersky, and AVG. The ransomware also includes anti-virtual-machine, anti-debugging, and anti-sandbox capabilities.
The ransomware is being offered for sale at two price points: $500 per stub or $10,000 for the fully undetectable ransomware source code.