Turnip

Turnip is ransomware that I developed with the aim of bettering my understanding of malware and how to defend against it. The ransomware works by first being downloaded onto a victim's computer, for example by having them press a link. Next, the malware starts to unambiguously encrypt (RSA) all of the user's files and sends them to a server hosted by the attacker. Once all files have been encrypted and sent, a popup flashes on the victim's computer urging them to send a dynamically generated amount of bitcoin to the attacker's wallet.
The software can then automatically detect whether a payment has been made. Once it has, the secret encryption key is sent to the client-side software, which then decrypts all of the user's files. Additionally, all copies of their files on the server are automatically deleted.
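
On the defensive side, the behaviour described above (every user file overwritten with ciphertext while a copy is sent to a remote server) can be detected by correlating file writes with outbound traffic per process. The following heuristic is an added example, not part of Turnip's source; the event format, process names and thresholds are assumptions, and the telemetry is constructed.

```python
import hashlib
import math
from collections import Counter, defaultdict

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: close to 8.0 for ciphertext, far lower for plain text."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())

def flag_processes(events, min_files=3, entropy_threshold=7.0):
    """Return processes that overwrote at least min_files distinct files with
    high-entropy content and sent at least that many bytes outbound."""
    encrypted = defaultdict(dict)  # process -> {path: bytes written}
    uploaded = defaultdict(int)    # process -> outbound byte count
    for ev in events:
        if ev["type"] == "write":
            if shannon_entropy(ev["data"]) >= entropy_threshold:
                encrypted[ev["proc"]][ev["path"]] = len(ev["data"])
        elif ev["type"] == "net_out":
            uploaded[ev["proc"]] += ev["bytes"]
    return sorted(
        proc for proc, files in encrypted.items()
        if len(files) >= min_files and uploaded[proc] >= sum(files.values())
    )

def pseudo_ciphertext(seed: str, size: int = 4096) -> bytes:
    """Constructed stand-in for an encrypted file (hash-derived bytes)."""
    return b"".join(hashlib.sha256(f"{seed}{i}".encode()).digest()
                    for i in range(size // 32))

# Constructed telemetry in a hypothetical event format (not a real EDR schema).
# editor.exe saves text, zip.exe writes one archive, unknown.exe overwrites
# three documents with ciphertext and uploads the same volume of data.
SAMPLE_EVENTS = [
    {"type": "write", "proc": "editor.exe", "path": "notes.txt",
     "data": b"meeting notes " * 300},
    {"type": "write", "proc": "zip.exe", "path": "archive.zip",
     "data": pseudo_ciphertext("zip")},
]
for name in ("report.docx", "photo.jpg", "taxes.xlsx"):
    SAMPLE_EVENTS.append({"type": "write", "proc": "unknown.exe",
                          "path": name, "data": pseudo_ciphertext(name)})
    SAMPLE_EVENTS.append({"type": "net_out", "proc": "unknown.exe", "bytes": 4200})

if __name__ == "__main__":
    print(flag_processes(SAMPLE_EVENTS))  # ['unknown.exe']
```

Compressed archives are also high-entropy, which is why the rule requires several distinct files plus a matching upload volume rather than entropy alone.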

[Image 1: Technical Setup]

[Image 2: Popup after files are encrypted]

Source Code