Tag: ransomware
-
VB2019 paper: Different ways to cook a crab: GandCrab Ransomware-as-a-Service (RaaS) analysed in depth
Though active for not much longer than a year, GandCrab had been one of the most successful ransomware operations. Running as a Ransomware-as-a-Service scheme, the malware regularly updated itself to newer versions to stay ahead of decryptors released by security researchers. High-level overview of the GandCrab RaaS model. In a paper presented at VB2019 in…
-
Guest blog: TotalAV uncovers the world’s first ransomware
In a guest blog post by VB2019 Silver partner TotalAV , Matthew Curd, the software’s Technical Expert, considers the changes in the cybersecurity landscape. Rediscovered in an old storage box amongst a collection of old magazines, a five-and-a-quarter-inch floppy was brought into the Protected.net office in late June – dated 1989. The disk, older than…
-
VB2018 video: Behind the scenes of the SamSam investigation
Yesterday, a federal grand jury in the US unsealed an indictment charging two Iranians with being behind the SamSam ransomware. SamSam has been one of the most successful ransomware campaigns in recent years, thanks to the clever targeting of specific organisations, including universities, hospitals and local governments. This targeting allowed the attackers to ensure the…
-
VB2018 video: Behind the scenes of the SamSam investigation
Yesterday, a federal grand jury in the US unsealed an indictment charging two Iranians with being behind the SamSam ransomware. SamSam has been one of the most successful ransomware campaigns in recent years, thanks to the clever targeting of specific organisations, including universities, hospitals and local governments. This targeting allowed the attackers to ensure the…
-
VB2017 paper: Nine circles of Cerber
Earlier this week, we published the video of a VB2017 presentation on the Spora ransomware. Spora is hardly alone in this prominent threat type though, and one of the other major names in the world of ransomware is Cerber, which operates a successful affiliate scheme, making it ‘The McDonald’s of the underworld’. Last year, Check…
-
VB2017 paper: Nine circles of Cerber
Earlier this week, we published the video of a VB2017 presentation on the Spora ransomware. Spora is hardly alone in this prominent threat type though, and one of the other major names in the world of ransomware is Cerber, which operates a successful affiliate scheme, making it ‘The McDonald’s of the underworld’. Last year, Check…
-
VB2017 video: Spora: the saga continues a.k.a. how to ruin your research in a week
First discovered at the beginning of the year, the Spora ransomware has become one of of the most prominent ransomware families of 2017, especially in Russia, a region it appears to target. Spora exhibited worm-like behaviour months before the appearance of WannaCry, using .LNK files, a technique previously used by other malware. (Spora’s implementation is…
-
VB2017 video: Spora: the saga continues a.k.a. how to ruin your research in a week
First discovered at the beginning of the year, the Spora ransomware has become one of of the most prominent ransomware families of 2017, especially in Russia, a region it appears to target. Spora exhibited worm-like behaviour months before the appearance of WannaCry, using .LNK files, a technique previously used by other malware. (Spora’s implementation is…
-
VB2017: nine last-minute papers announced
At Virus Bulletin we try not to follow the daily security hype, focusing instead on the bigger trends. This means that the topics covered on the VB2017 conference programme – the majority of which was published in April – are still as relevant now as they were five months ago. Still, security is constantly evolving, and…
-
VB2017: nine last-minute papers announced
At Virus Bulletin we try not to follow the daily security hype, focusing instead on the bigger trends. This means that the topics covered on the VB2017 conference programme – the majority of which was published in April – are still as relevant now as they were five months ago. Still, security is constantly evolving, and…