EP45 VirusTotal Insights on Ransomware Business and Technology

Cloud Security Podcast by Google - A podcast by Anton Chuvakin - Mondays

Categories:

Guests: Vlad Stolyarov, Security Engineer  @ Threat Analysis Group (TAG) Vicente Diaz,  Threat Intelligence Strategist @ VirusTotal Topics: Why GandCrab / REvil was the most popular ransomware  family in 2020? What is ransomware as a service? Is every scary article about ransomware essentially marketing for the criminals? Some ransomware payoffs are huge, how do you think they spend the money? How else do they profit off stolen data apart from double extortion schemes? Are there triple extortion schemes? What is the concept of a “trusted brand in ransomware”, is it better for clients because they will return the data? Why did non-Windows ransomware fail as a business? Do we expect 0day exploits  to become more popular in ransomware? Based on this research, what is the key reason for ransomware’s wild success? Resources: “Ransomware in a Global Context” report “Malware Hunting with VirusTotal” (ep30) Google TAG blog NoMoreRansom Org “Cybereason: 80% of orgs that paid the ransom were hit again” Google Cybersecurity Action Team Threat  Horizons Report (full, brief)