Post on 12-Apr-2017
1 Tuesday, May 2, 2023
Crypto Ransomware:a Real Problem with Real Solutions
2 Tuesday, May 2, 2023
Agenda
Ransomware’s evolution
Costs of ransomware attacks
How ransomware infects systems
Conclusion
Major threattrends
How to avoid being a crypto ransomware
victim
3 Tuesday, May 2, 2023
Major Threat Trends
4 Tuesday, May 2, 2023
Polymorphic Malware Is the Norm
Source: Webroot – 2016 Threat Brief, February 2016
97% of new malwareis unique to a specific endpoint,
rendering signature-basedsecurity obsolete
Malware and PUAs have become overwhelmingly
polymorphic
5 Tuesday, May 2, 2023
“Good” and “Bad” Websites
Source: Webroot – 2016 Threat Brief, February 2016
6 Tuesday, May 2, 2023
High Success Rates of Phishing Attacks
Source: Webroot – 2016 Threat Brief, February 2016
of internet users will fall for a zero-day phishing attack in a year
50%
7 Tuesday, May 2, 2023
Mobile Apps Are Riskier than Ever
Source: Webroot – 2016 Threat Brief, February 2016
52%
30%
18%
22%
50%
28%
Increase indicates a shift to malicious and unwanted apps
2014 2015
8 Tuesday, May 2, 2023
Ransomware’s Evolution
9 Tuesday, May 2, 2023
What Is Crypto Ransomware?
Classification
Trojan horse
Type
Ransomware/crypto virus
OS affected
Windows
First observed
September 2013
Drive types
Local, network, and removable
Drive types
Spam botnet lures victim
Phishing email with attachment
Attachment downloader gets Zeus
Zeus gets CryptoLocker/CryptoDefense
10 Tuesday, May 2, 2023
Evolution of Crypto Ransomware
Increasing adoptionof IP anonymizing services
01
Ransomware-as-a-service
02
Detection issues due to thread injection, process
hollowing, and new exploits
03
Expanding pastWindows to macOS
04
Now a commodityextortion service!
11 Tuesday, May 2, 2023
How Ransomware Infects Systems
12 Tuesday, May 2, 2023
Silent Deployment
Before After
1
3
2
13 Tuesday, May 2, 2023
Click here for full presentation