Honor Among Thieves:How Stealer Malware Fuels an Underground Economy of Compromised Accounts Botconf 2019 Thursday | 09:35 – 10:15 Brian Carter 🗣 Stealers are a class of malicious software that reads in saved credentials from common programs on computers and sends them to criminals who will attempt to monetize the stolen information. This presentation covers […]
Bot with Rootkit: Update and Mine! Botconf 2019 Thursday | 10:20 – 10:40 Alexander Eremin 🗣 | Alexey Shulmin 🗣 In June of 2019 we got an interesting sample. When analyzing the activity of this sample, we noticed that for some reason it downloaded a legitimate Microsoft update KB3033929 from its own CnC and installed it on
Bot with Rootkit: Update and Mine! Read More »
“DESKTOP-Group” – Tracking a Persistent Threat Group (using Email Headers) Botconf 2019 Thursday | 11:10 – 11:40 Tom Ueltschi 🗣 At BotConf 2015, I presented a lightning talk “Creating your own CTI in 3 minutes”. This presentation is building on that capability to do semi-automated malware analysis based on a commercial sandbox solution. I will
“DESKTOP-Group” – Tracking a Persistent Threat Group (using Email Headers) Read More »
The Bagsu Banker Case Botconf 2019 Thursday | 11:45 – 12:10 Benoit Ancel 🗣 The carding ecosystem is constantly evolving. The actors have to adapt their methodology to continue to steal from the banks with a good cost effectiveness ratio. To maintain this balance, the carders have moved towards infrastructure as a service, making the
The Bagsu Banker Case Read More »
How to track an Android botnet by OSINT and APK analysis tools Botconf 2019 Tuesday | 13:00 – 18:30 Suguru Ishimaru 🗣 | Manabu Niseki 🗣 | Hiroaki Ogawa 🗣 Analyzing malware is an important part of preventing and detecting cyber threats. But it’s not enough. You should learn how malware is spread for understanding the overall threat landscape.
How to track an Android botnet by OSINT and APK analysis tools Read More »
Yara: Down the Rabbit Hole Without Slowing Down Botconf 2022 Thursday | 11:35 – 12:05 Dominika Regéciová 🗣 Terry and John are two malware analysts working for an unnamed antivirus company. Terry has worked there for many years, and he is helping John, who started recently, to learn more about their work. John is starting
Yara: Down the Rabbit Hole Without Slowing Down Read More »
Detecting emerging malware on cloud before VirusTotal can see it Botconf 2022 Thursday | 12:10 – 12:40 Anastasia Poliakova 🗣 | Andreas Pfadler 🗣 | Yuriy Yuzifovich | Ali Fakeri-Tabrizi | Gan Feng | Hongliang Liu | Thanh Nguyen In this session, we will present our approach for detecting newly emerging malware on a cloud platform and predicting its behavior, and doing so before VirusTotal or any
Detecting emerging malware on cloud before VirusTotal can see it Read More »
Warning! Botnet is in your house… Botconf 2022 Thursday | 14:00 – 14:40 Vitaly Simonovich 🗣 | Sarit Yerushalmi 🗣 Edit PDF Video
Warning! Botnet is in your house… Read More »
How Formbook became XLoader and migrated to macOS Botconf 2022 Thursday | 14:45 – 15:15 Alexey Bukhteyev 🗣 | Raman Ladutska 🗣 In this talk we analyze a prevalent malware family Formbook and its successor XLoader from different angles, including OSINT and technical sides. XLoader is a logical step in Formbook’s evolution, it is now able to
How Formbook became XLoader and migrated to macOS Read More »
SandyBlacktail: Following the footsteps of a commercial offensive malware in the Middle East Botconf 2022 Thursday | 16:00 – 16:40 Aseel Kayal 🗣 | Mark Lechtik 🗣 | Paul Rascagnères 🗣 | Vasily Berdnikov Edit