Get Rich or Die Trying

In a World where oil is scarce and people click mail attachments they really shouldn’t, One Man sets out on an epic journey for glory, conquest, and other people’s money. So begins the amazing tale of the “Oil bot” campaign: a tale of a single man who ran a sting operation on a good share of the industrial sector, armed with nothing but his supply of off-the-shelf RATs, his very subpar OPSEC standards, and his Nigerian hutzpah. The talk will follow the entire course of Check Point’s investigation into this affair – from the few emails that didn’t add up, through the campaign’s not-so-intricate C&C infrastructure, to the point where we were inside the campaign, looking at all the incredible details. How do you scam people into scamming other people? What leads a fraudster to leave a trail of incriminating footprints?

And what does a Nigerian scammer want with an energy company, anyway? One thing’s for sure: In this brave new world, the Nigerian prince is no longer happily calling to inform you that you should transfer your money to them; it is you who is angrily calling your bulk provider, asking where all your money went.


Mark Lechtik – Malware researcher at Check Point Software Technologies for the last 2 years. Deals mainly with reverse engineering and binary analysis. Loves to wallow in the dirt of any malware, dissecting it meticulously and digging out all the gory technical details. Also, was born in Kazakhstan and has prior acquaintance with Borat.
Or Eshed – Lead threat intelligence analyst in Check Point’s threat intelligence group. Has 10 years of experience in intelligence and investigations. Expertise in data analysis and pattern recognition.

Mark Lechtik

Security Researcher at Check Point

Or Eshed
A Senior Threat Intelligence Researcher at Check Point Software Technologies, with over ten years of unique intelligence and OPSEC experience.