Hacker, author, programmer, speaker. Developer of https://t.co/ojPSnHL6Vh. A founder of @telephreak. Producer of the https://t.co/wQL34gHv1U podcast. CTO @Quadrantsec.
Jan 26, 2023 • 8 tweets • 5 min read
1/8 A few months back, we stopped a #ransomware attack by the group #BlackBasta. We spent a lot of time studying their backend servers, malware and more.
If you're interested in #ransomware, then you'll want to read this story...
2/8 It ends up that the #BlackBasta gang uses victims networks to log back into their own network! The leads to some interesting monitor opportunities.
This allowed us to monitor _them_.
On the victims servers, we deploy "clip board" monitoring.