Articles

Get all-in-one coverage of Internet security and online privacy issues brought up by the industry’s leading experts at security conferences and seminars.

The New Scourge of Ransomware 6: CryptoLocker Takedown

Finally, John Bambenek and Lance James touch upon Operation Tovar, which ended the CryptoLocker campaign, and dwell on the lessons learned from this whole incident. John Bambenek: Operation Tovar, going on to takedown (see right-hand image). Law enforcement agencies of 13 countries and lots of individuals and...

The New Scourge of Ransomware 5: Human Intelligence Findings on CryptoLocker

The security experts keep on providing CryptoLocker facts that they were able to discover, including HUMINT details, victim communication and HDD forensics. Lance James: We’re also sending a message quickly, and we need to keep that message going. You even saw the FBI has been doing it lately, they’re...

The New Scourge of Ransomware 4: CryptoLocker Study in Contradictions

As part of their story on CryptoLocker analysis, John Bambenek and Lance James dwell on the methodology of tracking the ransomware via payments and DGA. John Bambenek: So, taking a look at CryptoLocker. A lot of this was a study in contradictions, because there were indicators that did not seem, at least on...

The New Scourge of Ransomware 3: Recovery and Defenses

The experts shift their focus over to CryptoLocker attack mitigation and touch upon the cooperation of law enforcement and security industry on this case. John Bambenek: So, a little bit of recovery and defenses (see right-hand image). A lot of this is best practice stuff. If you get your files encrypted,...

The New Scourge of Ransomware 2: The Business Model Behind CryptoLocker

As the presentation continues, the researchers share their findings on the uniqueness of CryptoLocker ransomware and the reasons it was such a viable threat. John Bambenek: In August 2013, CryptoLocker appears. I get a call from one of my clients – that’s how I first found it – from a local government...

The New Scourge of Ransomware: A Study of CryptoLocker and Its Friends

Security experts Lance James and John Bambenek tell the Black Hat USA audience how they got together on the CryptoLocker ransomware case and how it went. Black Hat USA host: With no further ado, I will introduce our speakers today. We have John Bambenek and Lance James. Lance James: So, everybody knows what...

Most ransomware isn’t as complex as you might think 3: Attack payloads and mitigation

Lastline Labs’ Engin Kirda now describes the encryption, deletion and locking mechanisms leveraged by ransomware and also focuses on mitigation techniques. So what are the attack payloads? Encryption, of course, is a popular thing. About 5% of the samples that we actually looked at were using some sort of...

Most ransomware isn’t as complex as you might think 2: Evolution of ransom Trojans

The evolution of ransomware code and behavior since the emergence of these hoaxes up till the present day is what Engin Kirda covers in this part of his talk. So how has ransomware evolved over the years? Well, the ransomware concept actually dates back to the end of the 80s – the beginning of the 90s,...

Most ransomware isn’t as complex as you might think

Engin Kirda, the co-founder of Lastline Labs, took the floor at Black Hat USA to give a retrospective view of ransomware and analyze its present-day flaws. Hi! Good afternoon everyone. Thanks for showing up. I have the pleasure of having the last session. Hopefully it’s not the curse of having the last...

Explorations in Data Destruction 8: Electric Techniques

Zoz now stages experiments with high voltage as a method to demolish SSD drives and provides a general summary on destruction techniques that work the best. I have to go really fast now with electric. There aren’t too many things in there (see right-hand image). The goal was, you know, we’ve got...