![]() He most recently was a security architect at the Krebs Stamos Group. Jack Cable is a hacker who works at the intersection of cybersecurity and public policy. Although it is relatively easy to identify choke points in commodity ransomware payment activity, it is more difficult to do the same for RaaS. We notice that there are striking differences between the two markets in the way that cryptocurrency resources are utilized, revenue per transaction, and ransom laundering efficiency. Our analysis shows that there are two parallel ransomware criminal markets: commodity ransomware and Ransomware as a Service (RaaS). ![]() Leveraging the transparent nature of Bitcoin, the cryptocurrency used for most ransomware payments, we characterize the evolving ransomware criminal structure and ransom laundering strategies. With Ransomwhere, we have gathered 13.5k ransom payments to more than 87 ransomware criminal actors with total payments of more than $101 million. We report on our experience operating Ransomwhere, an open crowdsourced ransomware payment tracker to collect information from victims of ransomware attacks. Collecting and analyzing ransomware data is an important step towards understanding the spread of ransomware and designing effective defense and mitigation mechanisms. They have made headlines in recent years by threatening the operation of governments, critical infrastructure, and corporations. Ransomware attacks are among the most severe cyber threats. So far, Cable relies only on publicly available materials to expand its database, but the researcher told The Record that he is already exploring “the possibility of partnerships with analytical companies in the field of information security and blockchain to integrate the data they may have about the victims.Jack Cable and Kris Oosthoek Apat 11:00 AM on Zoom / Soda Hall The creator of the project hopes that the anonymous exchange of payment data through a third-party service, such as Ransomwhere, will remove some barriers in the information security community, such as nondisclosure agreements and business competition. ![]() The main idea is to create a centralized system that tracks payments sent by hackers, which will allow them assessing the scale of their profits and operations more accurately, about which very little is known. Then this address will be indexed in the public database. In general, the site is very simple: it allows victims of ransomware attacks and security specialists to transfer copies of their ransom notes to Ransomwhere, as well as report the amount of the ransom and the bitcoin address to which the victims transferred the payment. ![]() Unfortunately, such a database can be easily corrupted by fake material, but to counter this, Cable plans to study all submissions, and in the future plans to add a voting system for individuals so that reports can be flagged as fake. This database, devoid of any personal information, will be available to information security specialists and law enforcement officers for free download. Jack Cable, Stanford’s student and Krebs Stamos Group cybersecurity researcher created the Ransomwhere project that is free and open database of payments that have been transferred to various ransomware hack groups.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |