Timur Biyachuev Kaspersky Lab
Alexey Malyshev Kaspersky Lab
Trojan-ransoms are not new; it's now more than 20 years since the first variant was created. Yet, they are now demonstrating a very rapid spread in Russia and the post-Soviet space, almost without disturbing the rest of the world. At least so far!
The social engineering techniques used to infiltrate and ransom evolve rapidly and the technical complexity of these malicious programs increases with every variant. Additionally, their authors are fighting a fierce battle to counteract every anti-virus protection.
Trojan-ransoms in Russia have become an effective tool for cybercriminals - mainly because it is highly profitable, easy and pretty safe! We believe the reason for the local popularity of these malicious programs to be a favourable environment: from a legal, cultural and educational point of view.
This presentation discusses this situation. We will look at this Russian phenomenon at four levels: the cybercriminal organization, the data destructure techniques, criminal prosecution and the level of anti-malware protection.