When ransomware hits, IR includes boots on the ground and forensic support. For a real attack, a researcher reverse-engineered the Prometheus ransomware and discovered weaknesses in the encryption implementation. Malware developers aren’t always crypto experts and weak implementations of algorithms can allow for the decryption of files. This session will share the research and the process of creating a rapid acting decryptor.
Share With Your Community