Table of Contents for
Preventing Ransomware
by Kumaraguru Velmurugan, Mounir Hahad, Abhijit Mohanta
Title Page
Copyright and Credits
Preventing Ransomware
Packt Upsell
Why subscribe?
PacktPub.com
Contributors
About the authors
About the reviewer
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Get in touch
Reviews
Disclaimer
Malware from Fun to Profit
1. The malware story
1.1 Malware in the womb
1.2 The birth of malware
1.3 Malware started crawling
1.4 Malware started playing
1.5 Malware started earning
2. Windows operating system basics
2.1 File format
2.2 Windows executable made simple
2.3 Windows virtual memory made simple
2.4 Windows DLL made simple
2.4.1 How does an API call happen?
2.5 API hooking made simple
3. Malware components
3.1 Payload
3.2 Obfuscator/packer – a wolf in sheep's clothing
3.3 Malware persistence
3.3.1 Startup folders
3.3.2 Run entries
3.3.3 Windows services
3.3.4 Files executed at Windows start
3.4 Stealth – a game of hide-and-seek
3.4.1 File properties – an old-school trick
3.4.2 Injecting code into a legitimate process
3.4.3 Rootkits
3.4.4 Fileless malware
3.5 Armoring
3.6 Command and control server
4. Types of malware
4.1 Backdoor
4.2 Downloader
4.3 Virus or file infector
4.4 Worm
4.5 Botnet
4.6 Keylogger and password stealer
4.7 Banking malware
4.8 POS malware
4.9 Hacktool
4.10 RAT
4.11 Exploit
5. How does antivirus name malware?
6. Summary
Malware Analysis Fundamentals
1. Static analysis
1.1 File type
1.2 Static properties of an .exe file
1.3 Disadvantages of static analysis
2. Dynamic or behavior analysis
2.1 File and registry monitoring
2.2 Autorun tools
2.3 Network monitoring tools
2.4 API logger
2.5 Process inspection
2.5.1 URLs and IP addresses of command and control servers
2.5.2 Armoring related strings
2.5.3 Registry changes
2.5.4 Strings related to a stealer
2.5.5 Strings related to banking malware
2.6 Sandbox as a malware analysis tool
2.7 Ransomware behavior
3. Summary
Ransomware Distribution
1. Attacks through emails
2. Microsoft Word macros
3. Web attacks
3.1 Exploit kits
3.1.1 BlackHole exploit kit
3.1.2 Nuclear exploit kit
3.1.3 Neutrino exploit kit
3.1.4 Analyzing landing pages
4. Lateral movement
5. Botnets and downloaders
6. Summary
Ransomware Techniques for Hijacking the System
1. Scareware and rogue security software
1.1 List of popular FakeAntivirus
1.2 Prevention and removal techniques
2. ScreenLocker ransomware
2.1 How does ScreenLocker ransomware work on Windows OS?
2.2 Different kinds of messages from the ScreenLocker
2.3 Analyzing a ScreenLocker ransomware
2.4 Prevention and removal techniques
3. Browser locker
3.1 How does a browser locker use JavaScript to act as ransomware?
3.2 Prevention and removal techniques
4. Crypto ransomware
4.1 How does crypto ransomware work?
4.2 Overview of cryptography
4.2.1 Symmetric key
4.2.2 Asymmetric key
4.3 How does ransomware use cryptography?
4.4 Analyzing crypto ransomware
4.5 Prevention and removal techniques for crypto ransomware
5. Ransomware targeting infrastructure
5.1 Prevention techniques
6. Boot ransomware
6.1 Windows boot process
6.2 How can malware infect the boot sector?
6.3 Analyzing bootkit and boot ransomware
6.4 Prevention and removal techniques
7. Summary
Ransomware Economics
1. Anonymity
2. Ransomware payment modes
2.1 Crypto currencies
3. RaaS
4. Other forms of ransom
5. Summary
Case Study of Famous Ransomware
1. Reveton
2. VirLock – the hybrid ransomware
3. GPCODE or PGPCoder
4. CryptoLocker
5. CryptoWall
5.1 CryptoWall 1.0
5.2 CryptoWall 2.0
5.3 CryptoWall 3.0
5.4 CryptoWall 4.0
6. Locky
7. Cerber
8. Petya
8.1 PETYA/RED-PETYA
8.2 PETYA-MISCHA/GREEN-PETYA
8.3 PETYA GOLDEN EYE
9. WannaCry
10. NotPetya
11. BadRabbit
12. Ransomware on Android, macOS, and Linux
13. Summary
Other Forms of Digital Extortion
1. DoS attacks
1.1 Teardrop attacks or IP fragmentation attacks
1.2 User Datagram Protocol flooding
1.3 SYN flood
1.4 Ping of death
1.5 Exploits
1.6 Botnets
1.7 Reflective DDoS attacks and amplification attacks
1.8 DD4BC
1.9 Armada Collective
1.10 Fancy Bear
2. Data breach attacks
2.1 Sony Pictures hack
3. Summary
Ransomware Detection and Prevention
1. Desktop configuration
2. Antivirus
2.1 Hash algorithms
2.2 Pattern matching
2.3 Components of an antivirus engine
3. Exploit prevention on Windows
4. Anti-bootkit
5. Detection on a network
5.1 Firewalls
5.2 Intrusion detection and prevention systems
5.3 Sandboxes
6. Honeypots
7. Analytics, machine learning, and correlation
8. Data protection
8.1 Data encryption
8.2 Backup
8.3 Data loss prevention solutions
9. Process and compliance
10. Summary
Incident Response
1. Isolating the infected machine
2. Notifying the law authorities
3. Contacting the antivirus vendor
4. Help from the web
5. Forensics
6. Summary
The Future of Ransomware
1. The future of malware capabilities
1.1 Distribution channel
1.2 Anonymity
1.3 Evading detection
1.4 Avoiding decryption
1.5 Sidestepping encryption
2. Future victims
2.1 Taking your website hostage
2.2 Taking your house hostage
2.3 Taking your car hostage
2.4 Taking your pacemaker hostage
2.5 Taking your voting hostage
2.6 Taking your smart grid hostage
3. Summary
Other Books You May Enjoy
Leave a review - let other readers know what you think