The topic of this talk covers technical description of tactics, techniques, and procedures (TTPs) of the French-speaking financially motivated threat actor, codenamed OPERA1ER (NXSMS) as well as the details of the threat actor investigation carried out in collaboration with Law Enforcement authorities followed by an arrest of the key figure of the gang.
The presentation takes a deep dive into the operations of the prolific cybercrime syndicate that is confirmed to have stolen at least $11 million since 2019 in 30 targeted attacks describing the kill-chain of the attacks but also ways used to hunt and track malicious infrastructure and also methods used to identify one of the Opera1er members.