Security Bsides Las Vegas 2024

The B-side that no one sees: the ransomware that never reached mainstream popularity
2024-08-07, Florentine E

There are two inevitable things in life: ransomware and taxes.

Threat actors are always lurking to make a quick buck by deploying ransomware in companies.
While specialized media and security researchers focus on attacks by prominent groups like Lockbit (it's still alive!), and quickly start analyzing the malware, conducting reverse engineering, publishing their findings on vendors' blogs, and presenting talks at major events, countless other threat groups are carrying out their attacks stealthily.

Likewise, a multitude of other ransomware groups have never collected the reward or the glory, despite all their efforts. Some, for lack of money or experience, or even out of laziness, rent or buy a "Lego" for custom construction, also known as a builder, which is nothing but a copycat version of other malware. Others conduct attacks that look like ransomware and act like ransomware, but are not.

In this talk, we will discuss these dark ransomware attacks that never succeeded.

Why? Discussing unknown ransomware is essential for proactively understanding the evolving threat landscape and equipping cybersecurity professionals and organizations with the knowledge to defend against a wide range of potential attacks.


This is a triple vinyl disc. On the A-Side, we'll tackle the landscape of ransomware, the famous ones, of course, and how indie ransomware tries to compete with the established ones. Just as the B-side of an album holds the more obscure and unknown songs that you're unlikely to hear out there, on our B-Side we'll deal with the ransomware that never made it to mainstream fame. And finally, on the C-Side, we'll take a look at emerging threats and recommendations.

A-Side (or Popular)
(Prelude: Call of the Ghost Tigers) Who are we? WTF are those titles?
(If the kids are united) Why this topic?
(Blister in the sun) What makes ransomware popular? (a.k.a. dangerous)
(Unknown pleasures) The rise of the ransomware indies

B-Side (or Could you be the one)
Ransoms that never succeeded:
(Turning Japanese) HelloKitty Ransomware
(Red Right Hand) Cuba Ransomware
(99 Luftballons) Hitler Ransomware

Ransomware Take-out
(Viva LA Revolution) Ransomware commodity
(Le Cirque De L'horreur) Hermes Ransomware
(Hybrid Moments) Chimera Ransomware
(Back from the grave) Tesla Crypt
(Qual) Qlocker

NotRansomware (not by NotCo)
(Rebel Girl) Malas Locker
(Waiting room) Everest ransomware

C-Side (or This is the end of the world and we know it)
(Death or Glory) Challenges and limitations
(Sugar Kane) Defense and best practices
(A message to you, Rudy) Future and Emerging threats
(Sometimes, always) Recommendations
(Ask me) Q&A

Cybelle is a researcher of the disasters that happen in the cyber world, basically a Gossip Girl from Malwareland. She has also been involved in privacy and (cyber)security activism for 10 years and has participated in security events in various countries. Cybelle is one of the directors of the Casa Hacker organization and part of the Mozilla community. And last but not least, she loves her cats.