Cryptology ePrint Archive: Report 2018/598

Trends in design of ransomware viruses

Vlad Constantin Craciun and Andrei Mogage and Emil Simion

Abstract: The ransomware nightmare is taking over the internet impacting common users,small businesses and large ones. The interest and investment which are pushed into this market each month, tells us a few things about the evolution of both technical and social engineering and what to expect in the short-coming future from them. In this paper we analyze how ransomware programs developed in the last few years and how they were released in certain market segments throughout the deep web via RaaS, exploits or SPAM, while learning from their own mistakes to bring profit to the next level. We will also try to highlight some mistakes that were made, which allowed recovering the encrypted data, along with the ransomware authors preference for specific encryption types, how they got to distribute, the silent agreement between ransomwares, coin-miners and bot-nets and some edge cases of encryption, which may prove to be exploitable in the short-coming future.

Category / Keywords:

Date: received 10 Jun 2018, last revised 19 Jun 2018

Contact author: emil simion at upb ro

Available format(s): PDF | BibTeX Citation

Version: 20180619:132451 (All versions of this report)

Short URL: ia.cr/2018/598


[ Cryptology ePrint archive ]