C3Subtitles: rc3: Tracking Ransomware End-to-end

Tracking Ransomware End-to-end

Video duration: Not yet available
Language: English
Abstract
Ransomware is a type of malware that encrypts the files of infected hosts and demands payment, often in a cryptocurrency such as Bitcoin. In this talk, we present a measurement framework that we used to perform a large-scale, two-year, end-to-end measurement of ransomware payments, victims and operators.

By combining an array of data sources, including ransomware binaries, seed ransom payments, victim telemetry from infections, and a large database of Bitcoin addresses annotated with their owners, we sketch the outlines of this burgeoning ecosystem and associated third-party infrastructure. In particular, we trace the financial transactions, from the moment victims acquire bitcoins, to when ransomware operators cash them out.

While our study focuses on ransomware, our methods are potentially applicable to other cybercriminal operations that have similarly adopted Bitcoin as their payment channel.

Talk ID: 11566
Event: rc3
Day: 1
Room: rC2
Start: 2 p.m.
Duration: 00:40:00
Track: IT-Security
Type of: lecture
Speaker: Max Aliapoulios