Semyon Rogachev
Last known affiliation: Group-IB
Bio: Rogachev Semyon has been working with Group-IB for the last three years and has been committed to malware analysis and incident response. Co-author of numerous threat reports: "Ransomware Uncovered", "Egregor ransomware: The legacy of Maze lives on", "Lock Like a Pro: Dive in Recent ProLock’s Big Game Hunting" and others.
Date: 2022-04-27
RTM: sink-holing the botnet
Rustam Mirkasymov 🗣 | Semyon Rogachev 🗣
Abstract:
This talk is about how we found the flaw in the C&C calculation algorithm in the RTM botnet and used that logical weakness to sinkhole the botnet. As a result, this gave us a list of compromised machines and the ability to shut down or disrupt the whole botnet.