Technical paper: Exploring the history and technology of ransomware


Technical paper: Next Generation Fake Anti-VirusOver the last year, we have seen the resurgence of ransomware. Examples include fake FBI warnings and accompanying ‘fines’ to taking your data hostage.

Earlier this month, the arrest of a Ransomware gang was announced.

Our SophosLabs research shows that ransomware is second only to the Zeus/Zbot crimeware kit in popularity among malware distributors who use the Blackhole exploit kits. It is also significantly ahead of fake antivirus.


Anand Ajjan, a senior researcher with SophosLabs, has been taking a close look at ransomware for a new technical paper. It provides interesting general history, as well as some in-depth detail for the technically minded.

He has dug into the tactics used by ransomware and its development, while examining improvements in technology and social engineering.

Anand tracks ransomware techniques from simple SMS payments through basic encryption to modern industrial grade public key encryption. He also writes about the dissecting of ransomware, even providing a technical case study of a Winlocker.

Read now: “Ransomware: Next-Generation Fake Antivirus”