The age of Russian trojan-ransoms

Timur Biyachuev Kaspersky Lab
Alexey Malyshev Kaspersky Lab

Trojan-ransoms are not new; it's now more than 20 years since the first variant was created. Yet, they are now demonstrating a very rapid spread in Russia and the post-Soviet space, almost without disturbing the rest of the world. At least so far!

The social engineering techniques used to infiltrate and ransom evolve rapidly and the technical complexity of these malicious programs increases with every variant. Additionally, their authors are fighting a fierce battle to counteract every anti-virus protection.

Trojan-ransoms in Russia have become an effective tool for cybercriminals - mainly because it is highly profitable, easy and pretty safe! We believe the reason for the local popularity of these malicious programs to be a favourable environment: from a legal, cultural and educational point of view.

This presentation discusses this situation. We will look at this Russian phenomenon at four levels: the cybercriminal organization, the data destructure techniques, criminal prosecution and the level of anti-malware protection.


We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.