"Doppelganger" Ransomware Group Revealed

Presented by

BlackBerry Threat Research and Incident Response | Dmitry Bestuzhev, Anuj Soni, Ryan Chapman

About this talk

Join the BlackBerry Threat Research and Incident Response teams as we discuss the discovery and response to a "doppelganger" ransomware group. While working a recent ransomware incident, we identified a group whose name and TTPs (tactics, techniques, and procedures) mimicked a long-standing, popular ransomware crew. Furthermore, the encryptor payload used in the attack was taken straight from the original group, and modified for use with the new group. Who is this doppelganger? How did we link this group to the original? Is this a trend we expect to see used more commonly in the future? Come join our session to learn more.

Related topics:

More from this channel

Upcoming talks (5)
On-demand talks (111)
Subscribers (7017)
BlackBerry (NYSE: BB; TSX: BB) provides intelligent security software and services to enterprises and governments around the world. The company secures more than 500M endpoints including 150M cars on the road today. Based in Waterloo, Ontario, the company leverages AI and machine learning to deliver innovative solutions in the areas of cybersecurity, safety and data privacy solutions, and is a leader in the areas of endpoint security management, encryption, and embedded systems. BlackBerry’s vision is clear — to secure a connected future you can trust. For more information, visit BlackBerry.com and follow @BlackBerry.