Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Sunday, 28 May, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Black Hat – Cryptolocker is gone, but more variants are expected

by The Gurus
August 7, 2014
in Editor's News
Share on FacebookShare on Twitter

Cryptolocker is dead, the owners are trying to discover what the authorities know and don’t be surprised to find more variants out there.
 
Speaking at the Black Hat conference in Las Vegas, security consultant John Bambenek praised the global effort in taking down the GameOver Zeus, but said that this followed a distinct lack of communication.
 
He said that at one point, there were four different working group for Cryptolocker and when they were brought together it collected 160 people who “all brought their special skillset”. He said: “We had 300 transistor–transistor logic (TTL) on the domains and that is where the intelligence value is, and it doesn’t give you any real information, but you can get into the mind of the attacker to deliver intelligence.”
 
He said that after the takedown in June, it sinkholed one out of every 125 domains, and we need to be better at reverse engineering. He said: “Operation Tovar took down GOZeus and took Cryptolocker offline, and effectively drew a line under it and despite some attempts, there have been no more victims. The bad guys are probing and want to see what we are doing as it is outside their visibility.
 
“The takedown worked, but it required a lot of intelligence to be done and from the collateral damage, we know what is going on and what will happen.” However Bambenek said that takedowns do not work when we “work like vikings and tear things down”, and we need more well thought-out takedowns.”
 
He later said that “ransomware is dead but it captured the imagination”, and said that there is new ransomware for iPhones using the “Find my iPhone”, or using Tor. “There are more problems than people solving them, and the takedown worked as there were people on it, even though the short term doesn’t yield long term results.”
 
Speaking to IT Security Guru, Bambenek said he believed that Cryptolocker is dead and there is a new variant of GOZeus, but it was unclear if it was the same person behind it. “There was a domain registered from the Cryptolocker domain but in May, and that goes back to seeing what we are surveilling and tryng to poke at it,” he said.
 
“I think right now, the one who is indicted he is out of the business now, but there are people using some of his techniques to see if they can get around it,” he said.
 
He denied that they were copycats, but there are more directives there, but plenty will be influenced “as some are developing kits to commoditise it, which is a different problem.”
 
Asked what he
thought of the sophistication of the attacker and those behind Cryptolocker, Bambenek said that there was an overlap of clever people who did not invest the fullness of their skills to manage Cryptolocker and could have done better, but they were making so much money so why bother? 

FacebookTweetLinkedIn
Tags: Ransomware
ShareTweet
Previous Post

1.2 billion unique credentials seized – industry views

Next Post

John McAfee's Vegas conference appearance

Recent News

SnapDragon Monitoring scam advice

Tips to Protect Against Holiday and Airline Scams

May 25, 2023
Access Segmentation & Encryption Management from MyCena

New security model launched to eliminate 95% of cyber breaches

May 25, 2023
KnowBe4 Helps Organisations Battle QR Code Phishing Attacks With New Tool

KnowBe4 Helps Organisations Battle QR Code Phishing Attacks With New Tool

May 25, 2023
Purple Logo, capitalised letters: SALT.

Salt Security Uncovers API Security Flaws in Expo Framework, Issues have been Remediated

May 24, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information