Link to part 2: https://securityshenaningans.medium.com/architecture-of-a-ransomware-2-2-e22d8eb11cee

Over the last couple of months we’ve seen a rise in ransomware-related incidents, mostly due to the increase in remote work because of COVID-19. Nevertheless, not all ransomware works the same way, and to respond better to an incident after a successful attack, we should have a good understanding of its inner workings. This can hopefully help you reverse the ransomware’s encryption mechanism, or at least prevent further infection.

One of the best ways of learning how something truly works is to try to build it yourself (and this is what I did). So in this two-part write-up we’ll spend the first part explaining the principles and concepts you need to understand. …

About

Security Shenanigans

I’m a security engineer who enjoys writing about experiences in the infosec field. OSCP. linkedin.com/in/federlago.
