Preinstalled Gems on Cheap Mobile Phones
Preinstalled Gems on Cheap Mobile Phones Botconf 2019 Thursday | 09:00 – 09:30 Laura Guevara 🗣 …/… Edit
Preinstalled Gems on Cheap Mobile Phones Read More »
Honor Among Thieves:How Stealer Malware Fuels an Underground Economy of Compromised Accounts
Honor Among Thieves:How Stealer Malware Fuels an Underground Economy of Compromised Accounts Botconf 2019 Thursday | 09:35 – 10:15 Brian Carter 🗣 Stealers are a class of malicious software that reads in saved credentials from common programs on computers and sends them to criminals who will attempt to monetize the stolen information. This presentation covers
Bot with Rootkit: Update and Mine!
Bot with Rootkit: Update and Mine! Botconf 2019 Thursday | 10:20 – 10:40 Alexander Eremin 🗣 | Alexey Shulmin 🗣 In June of 2019 we got an interesting sample. When analyzing the activity of this sample, we noticed that for some reason it downloaded a legitimate Microsoft update KB3033929 from its own CnC and installed it on
Bot with Rootkit: Update and Mine! Read More »
“DESKTOP-Group” – Tracking a Persistent Threat Group (using Email Headers)
“DESKTOP-Group” – Tracking a Persistent Threat Group (using Email Headers) Botconf 2019 Thursday | 11:10 – 11:40 Tom Ueltschi 🗣 At BotConf 2015, I presented a lightning talk “Creating your own CTI in 3 minutes”. This presentation is building on that capability to do semi-automated malware analysis based on a commercial sandbox solution. I will
“DESKTOP-Group” – Tracking a Persistent Threat Group (using Email Headers) Read More »
The Bagsu Banker Case
The Bagsu Banker Case Botconf 2019 Thursday | 11:45 – 12:10 Benoit Ancel 🗣 The carding ecosystem is constantly evolving. The actors have to adapt their methodology to continue to steal from the banks with a good cost effectiveness ratio. To maintain this balance, the carders have moved towards infrastructure as a service, making the
The Bagsu Banker Case Read More »
How to track an Android botnet by OSINT and APK analysis tools
How to track an Android botnet by OSINT and APK analysis tools Botconf 2019 Tuesday | 13:00 – 18:30 Suguru Ishimaru 🗣 | Manabu Niseki 🗣 | Hiroaki Ogawa 🗣 Analyzing malware is an important part of preventing and detecting cyber threats. But it’s not enough. You should learn how malware is spread for understanding the overall threat landscape.
How to track an Android botnet by OSINT and APK analysis tools Read More »
Honeypot + graph learning + reasoning = scale up your emerging threat analysis
Honeypot + graph learning + reasoning = scale up your emerging threat analysis Botconf 2020 Friday | 14:50 – 15:20 Ali Fakeri-Tabrizi 🗣 | Hongliang Liu 🗣 | Anastasia Poliakova | Yohai Einav You must see thousands of new threats hitting your honeypot, what would you do next? Buying more coffee for the security research team so they can keep analyzing
Honeypot + graph learning + reasoning = scale up your emerging threat analysis Read More »
A detailed look into the Mozi P2P IoT botnet
A detailed look into the Mozi P2P IoT botnet Botconf 2020 Thursday | 13:00 – 13:20 Andreas Klopsch 🗣 | Chris Dietrich 🗣 | Raphael Springer 🗣 Since December 2019, we have reverse engineered and tracked the activity and infection population of a botnet family referred to as Mozi that infects Linux-based Internet-of-Things (IoT) devices. Mozi implements a peer-to-peer
A detailed look into the Mozi P2P IoT botnet Read More »
Fritzfrog: A Story of a Unique P2P Botnet
Fritzfrog: A Story of a Unique P2P Botnet Botconf 2020 Wednesday | 13:50 – 14:20 Ophir Harpaz 🗣 Botnets, as Botconf’s participants know very well, vary significantly. Their goals differ, as well as their TTPs and implementations. Nonetheless, most of them usually share the property of connecting to a remote attack server. In fact, great
Fritzfrog: A Story of a Unique P2P Botnet Read More »
Hunting the Quasar Family – How to Hunt a Malware Family
Hunting the Quasar Family – How to Hunt a Malware Family Botconf 2020 Wednesday | 13:20 – 13:50 Shusei Tomonaga 🗣 | Tomoaki Tani 🗣 | Kota Kino 🗣 QuasarRAT is the most famous open source RAT project among many. Since xRAT (the predecessor of Quasar RAT) was released in 2014, many attackers have deployed this RAT in many
Hunting the Quasar Family – How to Hunt a Malware Family Read More »