The story of Cryptowall: a historical analysis of a large scale cryptographic ransomware threat

For almost two years Cryptowall has been making its rounds encrypting the files of victims and extorting them for money in the form of Bitcoins. Following in the footsteps of Cryptolocker Cryptowall has made many victims including law enforcement, large organizations as well as the general public.

The presentation will follow this threat starting at the time they were not yet known as Cryptowall working up to the current date and campaigns. It will go through the different variations, the cryptography used, their command and control communication throughout their campaigns and their methods of spreading through various Email and Exploit kit campaigns. A set of tools allowing for easier analysis of Cryptowall infections as well as analyzing Cryptowall samples will be released.


Print Friendly, PDF & Email
Yonathan Klijnsma
I'm a senior threat intelligence analyst working for an EU based company called Fox-IT. Both my work and hobby focus around threat intelligence in the form of malware analysis.