Botconf presentation or article

Incremental clustering of malware packers using features based on transformed CFG

Botconf 2023 | Additional papers | Additional paper
Ludovic Robin 🗣 | Corentin Jannier 🗣 | Jean-Yves Marion 🗣

Packer detection is an important topic because most malware is packed and this allows it to avoid detection based on static analysis. Identifying classes of packers is the key to effective detection […]


Syslogk Linux Kernel Rootkit – Executing Bots via “Magic Packets”

Botconf 2023 | Wednesday | 17:05 – 17:35 | Long presentation
David Álvarez Pérez 🗣

In November 2022, we discovered a new version of the Syslogk Linux kernel rootkit affecting x86 and x86_64 processor architectures (udis86 disassembler dependency). We were not surprised, as the first version we


Read The Manual Locker: A Private RaaS Provider

Botconf 2023 | Wednesday | 17:40 – 18:10 | Long presentation
Max ‘Libra’ Kersten 🗣

Another day, another ransomware-as-a-service provider, or so it seems. The “Read The Manual” (RTM) Locker gang targets corporate environments, forcing their affiliates to follow a strict ruleset. Is this yet another ransomware gang, or


The Case For Real Time Detection of Data Exchange Over the DNS Protocol

Botconf 2023 | Thursday | 15:25 – 15:45 | Short presentation
Yarin Ozery 🗣

Data exfiltration and detection has been the subject of lots of research in recent years. DNS exfiltration is the process of abusing the DNS protocol, originally designed for hostname resolving,


A student’s guide to free and open-source enterprise level malware analysis tooling

Botconf 2023 | Thursday | 16:45 – 17:05 | Invited talk
Max ‘Libra’ Kersten 🗣

Finding malware is not the difficult part, as it is prevalent due to the widespread malware campaigns which target consumers and companies alike. Samples are available in multitudes on sample


RAT as a Ransomware – An Hybrid Approach

Botconf 2023 | Wednesday | 11:55 – 12:25 | Long presentation
Nirmal Singh 🗣 | Avinash Kumar 🗣 | Niraj Shivtarkar

In the last few years we have seen a substantial growth in the Malware-as-a-Service (MaaS) market; this revenue model generates a high income revenue stream for the malware developers and also makes
