We need to see a few affiliates getting busted soon, otherwise this will become the new normal and they'll start getting active again.
Breaking the economy of trust: How busts affect malware gangs
Some of the world's most notorious ransomware and malware-as-a-service (RaaS/MaaS) operators have shut up shop in the past 12 months thanks to international law enforcement efforts, but just because household names like Conti, LockBit, and ALPHV/BlackCat are on the ropes, it doesn't mean we're free from the threat of commodity …
COMMENTS
Friday 2nd August 2024 17:07 GMT Eclectic Man
Not everyone uses affiliates
"An unnamed Fortune 50 corporation paid a stonking $75 million to a ransomware gang to stop it leaking terabytes of stolen data.
The underworld outfit, which calls itself Dark Angels, doesn't go for the shotgun approach a lot of other malware-slinging teams use, in which multiple victims are infected at a time indiscriminately in hope that at least some pay up. Nor does Dark Angels appear to use affiliates or outside help to get into networks."
https://www.theregister.com/2024/08/02/dark_angels_ransomware/
Saturday 3rd August 2024 13:37 GMT Phil O'Sophical
I wonder if there's any scope for an OS to use technology (I hesitate to say AI) to detect when ransomware is running? Perhaps spot large read/encrypt/write patterns and pop up a warning? It shouldn't be impossible to spot unusual patterns like that, the security services do it all the time. It would mean they wouldn't have to look for specific malware signatures, so would be less dependent on having frequently updated signature data.
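The signature-free pattern check raised in the comment above can be sketched as follows. This is an added example, not part of the thread or any product's code. It assumes a feed of file-rewrite events carrying the old and new contents, and every threshold, name and sample event in it is constructed for illustration.

```python
import hashlib
import math
from collections import Counter, defaultdict, deque

ENTROPY_HIGH = 7.5   # bits/byte; assumed threshold, encrypted data sits near 8
ENTROPY_JUMP = 2.0   # assumed minimum rise between old and new contents
MAX_REWRITES = 3     # assumed: this many suspicious rewrites ...
WINDOW_SECS = 10.0   # ... inside this sliding window flags the process

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string in bits per byte (0.0 to 8.0)."""
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values()) if total else 0.0

def suspicious_rewrite(before: bytes, after: bytes) -> bool:
    """True when a rewrite turns structured content into near-random bytes."""
    h_before, h_after = shannon_entropy(before), shannon_entropy(after)
    return h_after >= ENTROPY_HIGH and h_after - h_before >= ENTROPY_JUMP

def flag_processes(events):
    """events: iterable of (timestamp, pid, path, before, after) in time order.
    Returns the pids that made MAX_REWRITES suspicious rewrites within the window."""
    recent = defaultdict(deque)   # pid -> timestamps of suspicious rewrites
    flagged = set()
    for ts, pid, _path, before, after in events:
        if not suspicious_rewrite(before, after):
            continue
        q = recent[pid]
        q.append(ts)
        while ts - q[0] > WINDOW_SECS:   # drop rewrites that left the window
            q.popleft()
        if len(q) >= MAX_REWRITES:
            flagged.add(pid)
    return flagged

def noise(seed: str, size: int = 4096) -> bytes:
    """Constructed stand-in for ciphertext: a SHA-256 counter stream."""
    return b"".join(hashlib.sha256(f"{seed}{i}".encode()).digest() for i in range(size // 32))

TEXT = b"Quarterly report: revenue, costs and headcount by region.\n" * 70
# Constructed events: pid 100 edits files normally, pid 200 bulk-rewrites them.
EVENTS = [
    (0.0, 100, "a.txt", TEXT, TEXT + b"one more line\n"),
    (1.0, 200, "b.txt", TEXT, noise("b")),
    (1.5, 200, "c.txt", TEXT, noise("c")),
    (2.0, 200, "d.txt", TEXT, noise("d")),
    (3.0, 100, "e.zip", noise("e"), noise("e2")),  # already high entropy: no jump
]
```

The last event shows why the check looks at the entropy jump and not the final entropy alone: compressed or already-encrypted files are high-entropy before and after a legitimate rewrite.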