Botconf 2024

GenRex Demonstration: Level Up Your Regex Game

Botconf 2024 | Thursday 2024-04-25 | 14:35 – 15:15 | Dominika Regéciová 🗣

GenRex is a unique tool for detecting similarities in artifacts from executable files and the generation of regular expressions. This paper demonstrates how to use GenRex to maximize the usage of regular expressions automatically created from behavioral reports […]


Unveiling the Shadows: The Dark Alliance between GuLoader and Remcos

Botconf 2024 | Thursday 2024-04-25 | 12:05 – 12:35 | Alexey Bukhteyev 🗣 | Arie Olshtein

In the ever-evolving landscape of cyber threats, seemingly legitimate tools have taken a dark turn, emerging as potent weapons in the hands of cybercriminals. Notable examples include the Remcos RAT and GuLoader (also known


The Supershell and its widespread Botnet

Botconf 2024 | Thursday 2024-04-25 | 11:35 – 12:05 | Chetan Raghuprasad 🗣

This presentation details the Supershell C2 framework. Threat actors are using this framework massively and creating botnets with the Supershell implants. Supershell is a relatively new C2 framework with a web-based command and control (C2) server written in Python


LightSpy2: feature-rich mobile surveillance tool set

Botconf 2024 | Thursday 2024-04-25 | 11:00 – 11:30 | Victor Chebyshev 🗣

Mobile malware poses a significant threat to user privacy and security, with the potential to carry out a wide range of malicious actions on infected devices. Beyond the familiar capabilities such as SMS message theft, call log recording, and


Evasions Fest of Korean Android Financial Menace – FakeCalls

Botconf 2024 | Thursday 2024-04-25 | 10:10 – 10:40 | Raman Ladutska 🗣 | Bohdan Melnykov

When malware actors want to enter the business, they can choose markets where their profit is almost guaranteed to be worth the effort – according to past results. The malware does not need to be


Eastern Asian Android Assault – FluHorse.

Botconf 2024 | Thursday 2024-04-25 | 09:35 – 10:05 | Alexandr Shamshur 🗣 | Raman Ladutska 🗣

The FluHorse malware features several malicious Android applications that mimic legitimate applications each with more than 100,000 installs. These malicious apps steal the victims’ credentials and Two-Factor Authentication (2FA) codes. FluHorse targets different sectors of Eastern Asian


Unplugging PlugX: Sinkholing the PlugX USB worm botnet

Botconf 2024 | Thursday 2024-04-25 | 09:00 – 09:30 | Félix Aimé 🗣 | Charles Meslay 🗣

In March 2023, Sophos published an article entitled “A border-hopping PlugX USB worm takes its act on the road”, shedding light on a PlugX variant with worming capabilities. According to the Sophos blog post, all


Everyone Gets a Webshell! Or, Backdooring Web Hosting Companies in Scale

Botconf 2024 | Wednesday 2024-04-24 | 16:20 – 17:00 | Daniel Frank 🗣

What happened when a flying-under-the-radar threat actor decided to directly go after web-hosting providers who host thousands of legitimate websites? How and why did they do it? These questions stand at the heart of
