How Shodan helped bring down a ransomware botnet

Shodan is a search engine that looks for internet-connected devices. Hackers use it to find unsecured ports and companies use it to make sure that their infrastructure is locked down. This summer, it was also used by security researchers and law enforcement to shut down a ransomware botnet.

The Encryptor RaaS botnet offered ransomware as a service, allowing would-be criminals to get up and going quickly with their ransomware campaigns, without having to write code themselves, according to report released last week.

The ransomware first appeared in the summer of 2015. It didn’t make a big impact — in March, Cylance reported that it had just 1,818 victims, only eight of whom had paid the ransom.

To read this article in full or to leave a comment, please click here