Design and Implementation of a Controlled Ransomware Framework for Educational Purposes Using Flutter Cryptographic APIs on Desktop PCs and Android Devices

TL;DR

This paper presents a controlled, open-source ransomware framework for educational use, implemented on desktop and Android, allowing safe exploration of ransomware functionalities for cybersecurity training.

Contribution

It introduces a novel, safe, and open-source ransomware framework using Flutter and Python, specifically designed for educational and research purposes.

Findings

Framework enables systematic study of ransomware mechanics

Safeguards ensure safe experimentation and targeted encryption

Open-source code facilitates learning and extension

Abstract

This study focuses on the creation and implementation of ransomware for educational purposes that leverages Python's native cryptographic APIs in a controlled environment. Additionally, an Android version of the framework is implemented using Flutter and Dart. For both versions, open-source cryptographic libraries are utilized. With this framework, researchers can systematically explore the functionalities of ransomware, including file encryption processes, cryptographic key management, and victim interaction dynamics. To ensure safe experimentation, multiple safeguards are incorporated, such as the ability to restrict the encryption process to a specific directory, providing the RSA private key for immediate decryption, and narrowing the scope of targetable files to a carefully curated list (.txt, .jpg, .csv, .doc). This paper draws inspiration from the infamous WannaCry ransomware and aims to simulate its behaviour on Android devices. By making the codebase open-source, it enables users to study, modify, and extend the program for pedagogical purposes and offers a hands-on tool that can be used to train the next generation of cybersecurity professionals.