Static Android Malware Analysis Workshop Botconf 2019 Tuesday | 14:00 – 17:30 Max ‘Libra’ Kersten 🗣 Mobile phones are used more and more in our daily lives. Purely based on someone’s phone, one can find a lot of information: GPS data, chat history, photos, notes, and online banking applications. Because of this, mobile phones are […]
Static Android Malware Analysis Workshop Read More »
DeStroid – Fighting String Encryption in Android Malware Botconf 2019 Wednesday | 10:45 – 11:15 Daniel Baier 🗣 | Martin Lambertz 🗣 In this paper we present DeStroid, an approach to fully automatically decrypt obfuscated strings from Android apps. We focus in particular on current Android malware using advanced string encryption techniques and show that DeStroid outperforms
DeStroid – Fighting String Encryption in Android Malware Read More »
Golden Chickens: Uncovering A Malware-as-a-Service (MaaS) Provider and Two New Threat Actors Using It Botconf 2019 Wednesday | 11:20 – 12:00 Marco Riccardi 🗣 | Chaz Hobson 🗣 | Allison Ebel 🗣 …/… Edit
Unrevealing the Architecture Behind the Counter-Strike 1.6 Botnet: Zero-Days and Trojans Botconf 2019 Wednesday | 12:05 – 12:35 Ivan Korolev 🗣 | Igor Zdobnov 🗣 The Belonard Botnet was designed to promote servers in Counter-Strike 1.6. In order to achieve that, the botmaster employed the Belonard Trojan, which was spread via malicious game server; an infected pirated
Unrevealing the Architecture Behind the Counter-Strike 1.6 Botnet: Zero-Days and Trojans Read More »
Keynote – Putting an end to Retadup Botconf 2019 Wednesday | 14:00 – 14:50 Gilles Schwoerer 🗣 | Michal Salat 🗣 Edit
Keynote – Putting an end to Retadup Read More »
An Android Botnet Analysis – Shaoye Botnet Botconf 2019 Wednesday | 14:55 – 15:35 Min-Chun Tsai 🗣 | Jen-Ho Hsiao 🗣 | Ding-You Hsiao 🗣 The action of Shaoye botnet started from June 2017. The peak of attacks was seen in January 2018. TWNCERT (Taiwan National Computer Emergency Response Team) received the intelligence about a DNS hijack from Japan
An Android Botnet Analysis – Shaoye Botnet Read More »
Tracking botnets with Long Term Sandboxing Botconf 2019 Wednesday | 16:05 – 16:45 Piotr Białczak 🗣 | Adrian Korczak 🗣 Sandbox systems have become an efficient way to analyze malware behavior. They can provide information about malware in a quick and automatic manner. However their analysis time is usually limited only to a couple of minutes, thus
Tracking botnets with Long Term Sandboxing Read More »
Insights and Trends in the Data-Center Security Landscape Botconf 2019 Wednesday | 16:50 – 17:30 Daniel Goldberg 🗣 | Ophir Harpaz 🗣 We deployed a large collection of high-interaction deception servers deployed in multiple cloud environments worldwide. Each such deception machine is capable of capturing and recording attacks on various services. This infrastructure provides us with a
Insights and Trends in the Data-Center Security Landscape Read More »
The Hunt for 3ve Botconf 2019 Wednesday | 17:35 – 18:15 Dimitris Theodorakis 🗣 | Ryan Castellucci 🗣 3ve (pronounced “Eve”) was a global, complex family of online ad fraud operations, each designed to evade detection. A cross-industry alliance dismantled 3ve, resulting in the indictment and arrest of its perpetrators. This is the first time that consequences
Guildma: Timers Sent from Hell Botconf 2019 Wednesday | 18:20 – 19:00 Adolf Středa 🗣 | Luigino Camastra 🗣 | Jan Vojtěšek 🗣 For several months now, we have been tracking a malware campaign called Guildma. Guildma is powerful combination of a RAT (remote access tool), spyware, password stealer and banker malware, mainly distributed via malicious attachments in phishing
Guildma: Timers Sent from Hell Read More »