BSides Boston 2016 has ended
Saturday, May 21 • 9:00am - 9:45am
Bringing down the great Cryptowall

Ransomware has been running rampant for the last 6 years, and very little has been done to stop infections aside from deprecated signature scans and classic malware scanners. This presentation will demonstrate a couple of concepts that work on even the most current versions of the ransomware plaguing the networks of today. We will go over how modern malware is reverse engineered and some outside-the-box ways of stopping malware by using its own programming against it. We will look at malware and the packing and obfuscation methods that droppers use to load it. Current versions of Cryptolocker, Cryptowall, SAMSAM and many other common ransomware families will be discussed. Additionally, there will be a brief introduction to the exploit kits and SaaS platforms used to launch ransomware attacks.

This presentation will also go over several software and hardware methods to trick and manipulate malware and the payloads associated with it. We will review hardware methods, including hacked USB devices with glitched partition tables that will lock up malware and the affected operating systems. We will review software methods, including malware-resistant file structures, randomized file extensions, and ransomware payload simulators that show how your system would be affected and produce reports to help remediate the findings. We will review other methods, including making machines immune to ransomware by adding kill-switch watchdog programs that lock up the computer when malware attacks antivirus systems and the watchdogs associated with them. We will look at methods to make your physical machines look like a sandbox environment that malware will ignore. Finally, we will also look at some methods of abusing the Tor payment gateways to achieve free decryption by modifying system settings.


Weston Hecker

Weston Hecker has 11 years of pen-testing experience, 12 years of security research and programming experience while working for a security company in the Midwest. He has recently spoken at Defcon 22, Defcon 23, 2015 SC-Congress Toronto, 2015 ISC2 Anaheim California, and Enterprise...

Saturday May 21, 2016 9:00am - 9:45am EDT
NERD 1 Memorial Dr
  Break It
  • Room Commons