Summary:
What does it take to monitor the inner workings of ransomware gangs? In this episode, Matthew Maynard shares his firsthand experience infiltrating cybercriminal communities to gather valuable threat intelligence. From learning the lingo to navigating criminal hierarchies, Matthew sheds light on the surprising structure and behavior of ransomware operators. We discuss the importance of operational security, the surprising transparency of cybercriminal forums, and how researchers can play a critical role in disrupting ransomware infrastructure.
Topics Discussed:
How Matthew got started monitoring cybercriminal groups
The business model and hierarchy of ransomware gangs
Use of AI, insider threats, and criminal marketing tactics
Tools and platforms used by cybercriminals (Tor, Tox, Telegram, etc.)
Lessons learned from forums, breach leaks, and failed infiltration attempts
The value of open-source intelligence in tracking threat actors
Why reputation matters—both for threat actors and researchers
Operational safety tips for researchers entering dark web spaces
Guest Bio:
Matthew Maynard is a cybersecurity professional and threat researcher who specializes in tracking the behavior of ransomware gangs and cybercriminal forums. He shares his insights through articles on Hacker Noon and speaks regularly at conferences like ShowMeCon.
Links & Resources:
Use the promo code “ExploringSec” to get $50 off your registration
Showmecon Links and Resources:
Learn more about ShowMeCon: showmecon.com
Register for Training or the Conference: Registration Link
Event Venue and Room Block Information: Ameristar Casino & Resort
Connect with the Founder of ShowMeCon Dave Chronister: LinkedIn Profile
Connect with the Head Organizer for ShowMeCon Brooke Deneen: LinkedIn Profile
Support the Podcast:
Enjoyed this episode? Leave us a review and share it with your network! Subscribe for more insightful discussions on information security and privacy.
Contact Information:
Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.
Check out our services page and reach out if you see any services that fit your needs.