Deep Dive Into Alma Ransomware



Presented by: Jason Davison, Security Threat Analyst and King Salemno, Malware Researcher



In the ever expanding threat landscape, ransomware attacks have outpaced banking Trojans in sheer number of incidents, if not profit. The most compelling reason for this shift is the ease by which successful ransomware can be written, distributed, and monetized when compared to elaborate banking Trojans.



Through our monitoring system, PhishLabs observed a new threat known as Alma Ransomware being delivered via an exploit kit at the end of August. In this presentation, we will explore the technical flaws in Alma Ransomware and its infrastructure along with an analysis of what those flaws may tell us about the author / threat actor.