Works for F-Secure, Finland, as a senior researcher.
Latest articles from
Updated 2016-05-03: Edited to add some small details about the decryption code.
Updated 2016-04-03: Edited to add more details about the encryption scheme.
Petya is a new ransomware with an evil twist: instead of encrypting files on disk, it will lock the entire disk, rendering it pretty much useless. Specifically, it will encrypt the filesystem’s […]
1. Introduction
The Sofacy Group (also known as Pawn Storm or APT28) is well known for deploying zero-day exploits in their APT campaigns. For example, two recent zero-days used by the Sofacy Group were exploiting vulnerabilities in Microsoft Office (CVE-2015-2424) and Java (CVE-2015-2590). If the exploit is successful, it installs a Sofacy downloader component, which is different from […]