Internals of a Spam Distribution Botnet Botconf 2018 Thursday | 09:00 – 09:50 Jose Miguel Esparza 🗣 Cybercriminals use different methods to distribute malware like malicious advertisements, Exploit Kits, loaders or spam campaigns. Unless an attack is really targeted the bad guys will try to infect as many computers as possible and they need some […]
Internals of a Spam Distribution Botnet Read More »
The Dark Side of the ForSSHe Botconf 2018 Thursday | 16:30 – 17:20 Romain Dumont 🗣 | Hugo Porcher 🗣 In February 2014, ESET researchers from Montreal published a report on a group who compromised more than 40,000 Linux servers worldwide since 2011. ESET named this campaign Windigo. At the centre of this operation, Ebury, an OpenSSH
The Dark Side of the ForSSHe Read More »
Leaving no Stone Unturned – in Search of HTTP Malware Distinctive Features Botconf 2018 Friday | 11:10 – 11:50 Piotr Białczak 🗣 When we analyze malware C&C network traffic we often see that it contains HTTP protocol. Sometimes the messages are obfuscated and sometimes sent as plain text. They can be intentionally crafted to look
Leaving no Stone Unturned – in Search of HTTP Malware Distinctive Features Read More »
Stagecraft of Malicious Office Documents – A Look at Recent Campaigns Botconf 2018 Thursday | 10:20 – 10:50 Nirmal Singh 🗣 | Deepen Desai 🗣 | Tarun Dewan 🗣 Malicious office documents have become a favorite malware delivery tool for malware authors. We have observed an increase in use of malicious documents over past 4 years. 30% of the
Stagecraft of Malicious Office Documents – A Look at Recent Campaigns Read More »
Let’s Go with a Go RAT! Botconf 2018 Friday | 11:50 – 12:20 Yoshihiro Ishikawa 🗣 | Shinichi Nagano 🗣 The Go language (GoLang) is an open source programming language developed by Google Inc. in 2009, and it can be run on various platforms such as Linux, Mac, Windows, Android.Speaking of malware using Golang, Mirai is one
Let’s Go with a Go RAT! Read More »
Judgement Day Botconf 2018 Thursday | 15:10 – 16:00 Thomas Siebert 🗣 – Suspsense 🙂 Edit
Tracking Actors through their Webinjects Botconf 2018 Friday | 12:20 – 13:00 James Wyke 🗣 Webinjects have been a feature of banking malware ever since they were popularised with great success by early families such as Zeus. In that time writing Webinjects has become a highly specialized skill with off-the-shelf Webinjects systems becoming as popular
Tracking Actors through their Webinjects Read More »
Hunting for Silence Botconf 2018 Thursday | 11:50 – 12:40 Rustam Mirkasymov 🗣 Edit
Hunting for Silence Read More »
Automation, structured knowledge in Tactical Threat Intelligence Botconf 2018 Wednesday | 17:50 – 18:30 Ronan Mouchoux 🗣 | Ivan Kwiatkowski 🗣 The connected societies facing ever evolving risks, traditional cyber security solutions have been charged by the popular jury for incompetence. Yet they are working for what they have been designed for, the rise of targeted attacks
Automation, structured knowledge in Tactical Threat Intelligence Read More »
Collecting Malicious Particles from Neutrino Botnets Botconf 2018 Wednesday | 16:40 – 17:20 Jakub Souček 🗣 | Jakub Tomanek 🗣 | Peter Kálnai Neutrino Bot (also known and detected as Win/Kasidet) is a rapidly changing threat. It first became known around December 2013. It has been actively developed ever since resulting in version 5.4 at the very beginning of
Collecting Malicious Particles from Neutrino Botnets Read More »