The Evolution of File-less Ransomware

Presenter: Douglas Santos

Today’s reality is: despite the growing number of technologies, products and services and the
overall growth and acceptance of the cybersecurity mindset, businesses still get hacked. Mostly
because they fail to properly understand, deploy, configure and manage their security controls
and procedures.

Ransomware remains one of the most significant forms of attack and its #1 delivery vector,
phishing , gets more and more sophisticated every day. The bad actors are constantly
leveraging new techniques for payload delivery, execution and persistence. The main problem
seen today is the capability of cybercriminals to innovate on all fronts of the attack. Examples
we have seen recently include campaigns aimed at delivering ransomware through very
sophisticated and targeted file-less attacks that communicate with fake YouTube and Facebook
profiles to download other stages of malware, as well as the use of blockchain for name
resolution.