Inside Different Generations of Ransomware
Introduction
This page serves as the central hub for my series “Inside Different Generations of Ransomware”.
Unlike completed analysis articles, this page focuses on outlining the research scope, methodology, and planned targets for future analysis.
This page will be continuously updated as new research is added.
Research Scope
This series aims to analyze representative ransomware samples across different stages of evolution. The goal is not only to understand how they work, but also to identify how design patterns change over time.
The analysis will focus on:
- Encryption mechanisms and key management
- Propagation techniques (if applicable)
- Anti-analysis and evasion techniques
- Operational design (e.g., monetization strategies)
Evolution Overview
Based on existing reports and preliminary observations, ransomware appears to have evolved through several stages:
- Early stage: Screen lockers with limited technical sophistication
- Crypto ransomware era: Adoption of strong encryption mechanisms
- Worm-enabled ransomware: Self-propagating attacks (e.g., WannaCry)
- Modern ransomware: RaaS ecosystems and data exfiltration
These hypotheses will be further validated through detailed analysis in this series.
Roadmap
Planned analysis in this series includes:
- CryptoLocker
- WannaCry
- Petya
Articles
The table below lists all articles in this series analyzing various ransomware families and variants.
It will be updated continuously as new research is published.
| Ransomware | Article |
|---|---|
| Preface of this series | Inside Different Generations of Ransomware |
| Thought of Ransomware and RATs | Ransomware vs. RAT |
THANKS FOR READING
