The details of the investigation that resulted in the Mamba Ransomware discovery

BSidesDE 2016

Presented by: Renato Marinho
Date: Saturday October 08, 2016
Time: 14:30 - 14:50
Location: Odeum 309
Track: Track 1

In this talk I will present the details and challenges of handling an incident suffered by a large multinational company with subsidiaries in Brazil, India and the United States that resulted in the discovery of Mamba, the first ransomware to use, in fact, the Full Disk Encryption (FDE) strategy. I am also going to present the entire process of research, publication and collaboration with CERTs from various countries, research laboratories and international security product players.

Renato Marinho

Renato Marinho, MSc, is an information security researcher at Morphus Labs. With more than 15 years of hands-on experience in the field, he also holds professional certifications such as CISSP, CRISC and PMP. He teaches the Computer Forensics discipline at Universidade de Fortaleza (Brazil) and is a frequent presenter at international conferences such as Security BSides, Mind the Sec, WSKS Portugal, GTER/GTS and Brazilian CSIRTs Forum.

