Not So Crab Mentality: A True RasS Story presented at ROOTCON12 2018

by Christopher Elisan,

Summary : Ransomware-as-a-Service (RaaS) is a booming business for cybercriminals. It gives novice and not-so-skilled cybercriminals the capability to launch and reap the rewards of a ransomware attack. In this talk, I will discuss a real threat actor recruiting partners to spread the GandCrab ransomware in exchange for a percentage of the profit. We will look at the recruiting process, the ransomware deployment technology, the network infrastructure and the ransomware itself to give us a full understanding of how the whole campaign is conducted from beginning to end. Outline:- Ransomware-as-a-Service- Threat actor recruitment process- GandCrab Deployment Technology- GandCrab Deep dive- Attack infrastructure- Available GandCrab solutions