The Ransomwhere project creates a database of ransomware payments


The Ransomwhere project, created by Jack Cable, a Stanford University student and researcher at the information security firm Krebs Stamos Group, is building a free and open database of payments that have been transferred to various extortionist hacker groups.

This database, devoid of any personal information, will be available to information security specialists and law enforcement officers as a free download. Unfortunately, such a database can easily be polluted with fake submissions. To counter this, Cable plans to review all submissions, and in the future he plans to add a voting system so that individuals can flag reports as fake.

In general, the site is very simple: it allows victims of ransomware attacks and security specialists to submit copies of their ransom notes to Ransomwhere, as well as to report the amount of the ransom and the bitcoin address to which the victims transferred the payment. This address is then indexed in the public database.

The main idea is to create a centralized system that tracks payments sent to hackers, which will make it possible to assess more accurately the scale of their profits and operations, about which very little is known. The creator of the project hopes that the anonymous exchange of payment data through a third-party service, such as Ransomwhere, will remove some barriers in the information security community, such as nondisclosure agreements and business competition.

So far, Cable relies only on publicly available materials to expand his database, but the researcher told The Record that he is already exploring “the possibility of partnerships with analytical companies in the field of information security and blockchain to integrate the data they may have about the victims.”

Reporters point out that the launch of the Ransomwhere project is very similar to the launch of the ID-Ransomware project created by Michael Gillespie in early 2016. Initially, it was a site where ransomware victims could upload the ransom notes they received, and the site told them which malware family had attacked their systems and where they could get help recovering their files. As a result, ID-Ransomware has become an indispensable tool for many incident response specialists.
