The age of Russian trojan-ransoms presented at Virus Bulletin 2010

by Timur Biyachuev (Kaspersky lab),


Summary : "
Trojan-ransoms are not new; it's now more than 20 years since the first variant was created. Yet, they are now
demonstrating a very rapid spread in Russia and the post-Soviet space, almost without disturbing the rest of the
world. At least so far!
The social engineering techniques used to infiltrate and ransom evolve rapidly and the technical complexity of these
malicious programs increases with every variant. Additionally, their authors are fighting a fierce battle to counteract
every anti-virus protection.
Trojan-ransoms in Russia have become an effective tool for cybercriminals - mainly because it is highly profitable, easy
and pretty safe! We believe the reason for the local popularity of these malicious programs to be a favourable environment:
from a legal, cultural and educational point of view. This presentation discusses this situation. We will look at this Russian phenomenon at four levels: the cybercriminal organization,
the data destructure techniques, criminal prosecution and the level of anti-malware protection. "