Description
BPB Publications Breaking Ransomware by Jitender Narula and Atul Narula
Crack a ransomware by identifying and exploiting weaknesses in its designKey Features● Get an overview of the current security mechanisms available to prevent ransomware digital extortion.● Explore different techniques to analyze a ransomware attack.● Understand how cryptographic libraries are misused by malware authors to code ransomwares.DescriptionRansomware is a type of malware that is used by cybercriminals. So, to break that malware and find loopholes, you will first have to understand the details of ransomware. If you are looking to understand the internals of ransomware and how you can analyze and detect it, then this book is for you.This book starts with an overview of ransomware and its building blocks. The book will then help you understand the different types of cryptographic algorithms and how these encryption and decryption algorithms fit in the current ransomware architectures. Moving on, the book focuses on the ransomware architectural details and shows how malware authors handle key management. It also explores different techniques used for ransomware assessment. Lastly, the book will help you understand how to detect a loophole and crack ransomware encryption.By the end of this book, you will be able to identify and combat the hidden weaknesses in the internal components of ransomware.What you will learn● Get familiar with the structure of Portable Executable file format.● Understand the crucial concepts related to Export Directory and Export Address Table.● Explore different techniques used for ransomware static and dynamic analysis.● Learn how to investigate a ransomware attack.● Get expert tips to mitigate ransomware attacks.Who this book is forThis book is for cybersecurity professionals and malware analysts who are responsible for mitigating malware and ransomware attacks. This book is also for security professionals who want to learn how to prevent, detect, and respond to ransomware attacks. Basic knowledge of C/C++, x32dbg and Reverse engineering skills is a must.Table of ContentsSection I: Ransomware Understanding1. Warning Signs, Am I Infected?2. Ransomware Building Blocks3. Current Defense in Place4. Ransomware Abuses Cryptography5. Ransomware Key ManagementSection II: Ransomware Internals6. Internal Secrets of Ransomware7. Portable Executable Insides8. Portable Executable SectionsSection III: Ransomware Assessment9. Performing Static Analysis10. Perform Dynamic AnalysisSection IV: Ransomware Forensics11. What’s in the Memory12. LockCrypt 2.0 Ransomware Analysis13. Jigsaw Ransomware AnalysisSection V: Ransomware Rescue14. Experts Tips to Manage Attacks