For almost two years Cryptowall has been making its rounds encrypting the files of victims and extorting them for money in the form of Bitcoins. Following in the footsteps of Cryptolocker Cryptowall has made many victims including law enforcement, large organizations as well as the general public.

The presentation will follow this threat starting at the time they were not yet known as Cryptowall working up to the current date and campaigns. It will go through the different variations, the cryptography used, their command and control communication throughout their campaigns and their methods of spreading through various Email and Exploit kit campaigns. A set of tools allowing for easier analysis of Cryptowall infections as well as analyzing Cryptowall samples will be released.

• Cryptowall tools on Github