Draco Team: Romania’s Covert Cyber-Crime Fighting Unit
Overview
* A covert cyber-crime-fighting unit based in Romania within Bitdefender
* Members conduct malware analysis, forensics, and cryptocurrency investigations outside of work hours
* Keeps identities secret to protect themselves from retaliation
Key Operations Highlighted
1. GandCrab Ransomware
* Released five decryption tools that disrupted the gang’s trust network and caused it to shut down
* Prevented over $1 billion in ransom payments through multiple decryption tools
2. REvil (Sodinokibi) Ransomware
* Produced a decryption tool that halted another $1 billion in ransom payments
* Exposed a backdoor in the malware, revealing affiliates were not receiving due payouts
3. Personal Revenge Case
* Targeted GandCrab after its malware infected a penetration tester’s girlfriend, leading to a 2.5-year vendetta
* The gang collapsed as a result of the personal revenge case
Cybersecurity Efforts and Countermeasures
* Deep-Fake Detection: Analyzes audio and video for synthetic manipulation and assesses intent (satirical vs. malicious)
* AI Scammer Honeypots: Engages scammers for hours, gathering data on tactics and URLs
* Multi-Touchpoint Detection: Correlates separate communications to identify coordinated scams
AI-Driven Defenses Led by Ros V, Director of Innovation
* Provides free security tools and SOC monitoring to hospitals and other critical infrastructure during the COVID-19 pandemic
Conclusion
* The Draco team’s efforts have made a significant dent in cybercrime, protecting real people and their digital lives
* Individuals interested in joining the team must first work for Bitdefender, express interest in malware analysis, cryptocurrency investigation, or forensics, and connect with a team member
link: https://www.youtube.com/watch?v=o-8amaZBi5M
