Police Ransomware

Horário: 12:50 as 13:40

Duração: 50 minutos (mais 10 minutos para perguntas e respostas)

Local: Sala 1

Resumo

Ransomware is a kind of malware that withholds some digital asset from the victim and asks for payment in order to release it back. This trend of attacks started in Russia back in 2005-2006 and has been changing tactics and targets since then. The last wave of attacks is targeting users in a very specific way by geo-locating the victims and confronting them with their own country's regional Police Forces meanwhile their whole computer is being held captive. We have been analyzing this attack since it started and are now able to show some of our conclusions in this investigation. The mix of a well-tuned social engineering plus an advanced networking model show that their creators are as well organized as they are persistent and creative. This is a technical talk and even though we'll also be talking about this malware from a high level perspective, we'll dig into specifics found in this investigation, like the money trail and how the companies involved are trying to tackle it.

Palestrante

David Sancho

David Sancho joined Trend Micro in 2002, having fulfilled a variety of technical security-related roles. Currently, he is a Senior Anti-malware researcher specialized in web threats and other emerging technologies. In his 12+ years of experience in the security field, he has written and published a number of research papers on malware tendencies, has been featured on the media and participated in customer events where he has presented on business issue and malware-related topics. His interests include Web infection methods, vulnerability exploitation and white-hat hacking in general. He lives in Spain with his family and a crazy dog.