Technology has changed our lives for the better; there is no doubt about it. However, it also introduced various risks into them. In fact, this is one of the most interesting things about technology: its effect depends on the people behind it. Sadly, alongside inspiring figures who move technology, and the world forward, there is always a group abusing it for the worst.
We at Check Point are constantly studying new technologies (we are tech geeks after all). We do so to identify possible vulnerabilities and potential malicious uses, and build protections against them. Our mission is to stay one step ahead of malware developers.
As part of our researches, we have recently encountered the new ZeroNet protocol.
ZeroNet is a Peer-to-Peer network, intended to supply users with a platform that is immune to censorship. Using ZeroNet, sites will stay online as long as at least one seeder exists. While this is a moving idea, it has already been used for shady purposes, hosting sites which violate copyrights and sell botnets.
Ransomware writers face a challenge when creating their payment gateways, which are often shut down by law enforcement agencies and security vendors. ZeroNet, being a new protocol mainly used as an anonymizer, can very well be the next method of payment for threat actors. As demonstrated in our POC ZeroNetProtocol DP 4, using ZeroNet, perpetrators can anonymously create a simple payment method, creating gateways on their victims’ devices, which cannot be shut down.
Ransomware is a rising threat, which is continuously evolving. Ransomware rapidly change their characteristics to evade security measures and become more efficient. You can find further information about the different types of ransomware in our blog posts. Check Point protects users worldwide against this threat, using novel techniques, such as the SandBlast Advanced Threat Prevention and the Anti-Bot technology. Researching new threats is crucial in our struggle to keep our customers protected, and to stay one step ahead.