Botconf 2015

Sality

Botconf 2015 | Friday, 14:00 – 14:40 | Peter Kleissner

Sality is one of the longest-alive threats and probably the most underrated botnet ever. It made its first appearance in 2003 and is still active in 2015. There are more than 2 million active infections (as per 24 hours) and it has advanced features […]

Inside DarkComet: a wild case-study

Botconf 2015 | Friday, 11:00 – 11:50 | Jeremy du Bruyn

This research discusses the application of a framework for the automated analysis of malware samples, specifically botnet binaries, which automates the collection, analysis, and infiltration of botnets. Due to the increased number of samples released daily, such frameworks have

The story of Cryptowall: a historical analysis of a large scale cryptographic ransomware threat

Botconf 2015 | Friday, 09:30 – 10:00 | Yonathan Klijnsma

For almost two years Cryptowall has been making its rounds encrypting the files of victims and extorting them for money in the form of Bitcoins. Following in the footsteps of Cryptolocker

Ponmocup, the full story: A giant hiding in the shadows

Botconf 2015 | Wednesday, 11:50 – 12:40 | Maarten van Dantzig, Yonathan Klijnsma

Ponmocup is one of the most successful and longest running botnets of the past decade. First detected in 2006, as Vundo or Virtumonde, and detected as Ponmocup starting in 2011, we believe

The missing piece in threat intelligence

Botconf 2015 | Wednesday, 16:30 – 17:20 | Frank Denis

Information sharing has become increasingly important to reduce risk against security threats. From public feeds to mechanisms for privately exchanging information between security researchers, the number of threat intelligence feeds may very well exceed the number of actors being

Takedowns: case studies and what we all could be doing better

Botconf 2015 | Wednesday, 17:50 – 18:30 | John Bambenek

We have all seen the splashy headlines of large threats being subjected to takedowns only to re-emerge days (or hours) later. A few takedowns, however, have achieved long term results. This talk will focus
