Breaking Prometheus: When Ransomware Crypto Goes Wrong

Posted on in Presentations

When ransomware hits, IR includes boots on the ground and forensic support. For a real attack, a researcher reverse-engineered the Prometheus ransomware and discovered weaknesses in the encryption implementation. Malware developers aren’t always crypto experts and weak implementations of algorithms can allow for the decryption of files. This session will share the research and the process of creating a rapid acting decryptor.

Aaron Gdanski


Malware Reverse Engineering Analyst, IBM Security

Anne Jobmann


Malware Reverse Engineering Manager, IBM Security

Andy Piazza


Global Head of Threat Intelligence, IBM

Share With Your Community