14th and 15th February, 2025
Kaapelitehdas, Helsinki Finland
Ransomware Leaks Lead To Floods - How Leaked Files From Ransomware Can Be Weaponized Against Further Victims
Roman Sannikov
Lorenzo Nicolodi
We analyze the content we have aggregated from files exposed on ransomware leak sites to assess the types of files and the types of content these files contain. We further evaluate how the types of content can be scraped and weaponized by threat actors against further victims by criminal, nation-state, and hacktivist or extremist actors. Finally, we attempt to find evidence linking an organization that has been hit by ransomware to mentions of the organization in earlier leaks.
Roman Sannikov
Roman has been involved in cyber threat intelligence and cybersecurity since 2000. He has worked in both the public and private sector in the United States. He is an expert on cybercrime, the dark web, and disinformation operations. He is currently focused on ransomware mitigation and prevention, disinformation operations, and raising the level of understanding of cyber threats by the general public. He's also involved with several non-profits focused on providing cyber security to vulnerable peoples and expanding access to cyber resources for disadvantaged populations.
Lorenzo Nicolodi
Lorenzo loves complex technical challenges and creative solutions, expecially when cybersecurity is involved. He likes to code, reverse engineer, investigate and everything in between.
