Editorial team

Tricky obfuscation techniques for C2 communication? Just detect them all!

Botconf 2025 | Thursday 2025-05-22 | 10:55 – 11:35 | Kseniia Naumova

Today most malware and botnets use network communication for tasks such as downloading malicious files, sending stolen data, receiving commands from the C2, etc. Researchers worldwide analyze millions of network traffic streams daily to search


Doit: Convoluted Stealer Targeting LATAM-Based Users

Botconf 2025 | Thursday 2025-05-22 | 12:05 – 12:25 | Kevin Ratto

In late 2022, an unidentified AutoIt-based eCrime stealer was observed in the wild; it was named Doit. The malware was initially delivered via email spam campaigns targeting users from Chile, Mexico and Peru. In 2023, Doit shifted to exclusively


No Endgame in sight – Pivoting from previous dropper malwares to current Latrodectus campaigns

Botconf 2025 | Thursday 2025-05-22 | 11:35 – 12:05 | Fabian Marquardt, Andreas Petker

Our work focuses not on the malware itself, but on the infrastructure and methodology used to orchestrate the malware distribution and operation. We show through correlation of both TTPs


Bigpanzi: The Cybercrime Syndicate Behind Million-device Botnets

Botconf 2025 | Thursday 2025-05-22 | 13:55 – 14:40 | Alex Turing

With the rapid proliferation of internet-connected devices, cybercrime groups have expanded their reach to increasingly diverse targets. While IoT-based botnets are common, large-scale infections involving set-top boxes (STBs), TV remain rare, especially at the scale of millions of


Stronger Together – Disrupting The Ngioweb Botnet Powering The NSOCKS Proxy Service

Botconf 2025 | Thursday 2025-05-22 | 09:40 – 10:25 | Chris Formosa

Proxy services have become a primary tool for many threat actors to obfuscate their tracks, due to their low prices and access to clean residential IPs in many locations. Although the “ngioweb” botnet


Arming WinRAR: Deep dive into clusters of SideCopy APT and its correlation with Transparent Tribe

Botconf 2025 | Thursday 2025-05-22 | 09:00 – 09:40 | Sathwik Ram Prakki, Kartik Jivani

In the aftermath of the disclosure of vulnerabilities within WinRAR, a concerning trend has emerged wherein multiple advanced persistent threat (APT) groups and malicious actors have leveraged


Combining ChatGPT to Monitor the Ecosystem of DDoS Botnets on Telegram

Botconf 2025 | Thursday 2025-05-22 | 15:50 – 16:30 | Daji Ren

DDoS botnet attackers have consistently been in the spotlight of cyber threats, generating significant headlines over the past year. Telegram’s lenient content regulation has facilitated the growth of numerous related criminal groups. Meanwhile, the

