2016 saw a substantial rise in ransomware attacks and in some cases the return of some favourites, with Cryptowall, CTB-LOCKER and TeslaCrypt being some of the most popular. The volume of attacks was in fact pretty steady for a good part of the year, with regular campaigns coming out on a weekly basis. It was interesting to see the variety in mechanisms used for the ransomware which not only included self-contained binaries but went all the way to the use of scripts. As part of the research I conducted last year, I wanted to understand why there’s such a drive and lure for ransomware, outside of the victims' payment, as well as have some way of properly testing »anti-ransomware« solutions with an unknown variant. So to do that, I went ahead and built my own ransomware and drew some conclusions on why it became so popular. This talk explores the background and process used to build a live ransomware that I was able to use for controlled testing, and finally draws some of my own personal conclusions.
%0 Journal Article
%1 mjs:Fischer:Ransomware
%A Fischer, Thomas
%D 2018
%K bitcoin ds19 encryption malware_analysis mjsarticle
%N 2
%P 879-892
%T I Wrote my Own Ransomware; did not make 1 iota of a Bitcoin
%U http://www.sicherheitsforschung-magdeburg.de/uploads/journal/MJS_059_Fischer_Ransomware.pdf
%V 16
%X 2016 saw a substantial rise in ransomware attacks and in some cases the return of some favourites with Cryptowall, CTB-LOCKER and TeslaCrypt being some of the most popular. The volume of attacks was in fact pretty steady for a good part of the year, with regular campaigns coming out on a weekly basis. It was interesting to see the variety in mechanisms used for the ransomware which not only included self-contained binaries but went all the way to the use of scripts. As part of the research I conducted last year, I wanted to understand why there’s such a drive and lure for ransomware, outside of the victims payment, as well as have some way of properly testing »anti-ransomware« solutions with an unknown variant. So to do that, I went ahead and built my own ransomware and drew some conclusions on why it became so popular. This talk explore the background and process used to build a live ransomware that I was able to use for controlled testing. To finally draw some of my own personal conclusions.
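@comment{Journal article record as exported from BibSonomy (see biburl).
  The abstract is kept verbatim as exported. The page range uses the
  double-hyphen form so styles typeset it as a range, and the proper noun
  in the title is brace-protected against sentence-casing styles.
  added-at, biburl, interhash, intrahash and timestamp are exporter
  bookkeeping fields.}
@article{mjs:Fischer:Ransomware,
  author       = {Fischer, Thomas},
  title        = {I Wrote my Own Ransomware; did not make 1 iota of a {Bitcoin}},
  journaltitle = {Magdeburger Journal zur Sicherheitsforschung},
  volume       = {16},
  number       = {2},
  pages        = {879--892},
  year         = {2018},
  issn         = {2192-4260},
  language     = {DE},
  url          = {http://www.sicherheitsforschung-magdeburg.de/uploads/journal/MJS_059_Fischer_Ransomware.pdf},
  urldate      = {2018-11-03},
  keywords     = {bitcoin ds19 encryption malware_analysis mjsarticle},
  abstract     = {2016 saw a substantial rise in ransomware attacks and in some cases the return of some favourites with Cryptowall, CTB-LOCKER and TeslaCrypt being some of the most popular. The volume of attacks was in fact pretty steady for a good part of the year, with regular campaigns coming out on a weekly basis. It was interesting to see the variety in mechanisms used for the ransomware which not only included self-contained binaries but went all the way to the use of scripts. As part of the research I conducted last year, I wanted to understand why there’s such a drive and lure for ransomware, outside of the victims payment, as well as have some way of properly testing »anti-ransomware« solutions with an unknown variant. So to do that, I went ahead and built my own ransomware and drew some conclusions on why it became so popular. This talk explore the background and process used to build a live ransomware that I was able to use for controlled testing. To finally draw some of my own personal conclusions.},
  added-at     = {2021-09-19T18:42:17.000+0200},
  timestamp    = {2021-10-22T17:15:30.000+0200},
  biburl       = {https://www.bibsonomy.org/bibtex/2ca7de5222f40ea2b87025a568d9a39e9/steschum},
  interhash    = {5b1616e1698a5ebbfec85835d5227695},
  intrahash    = {ca7de5222f40ea2b87025a568d9a39e9},
}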