Unhiding the darkweb at scale
Unhiding the darkweb at scale Botconf 2018 Lightning talks | 17:20 – 18:15 Patrice Auffret 🗣 Edit PDF
Unhiding the darkweb at scale Read More »
Swimming in the Cryptonote Pools
Swimming in the Cryptonote Pools Botconf 2018 Wednesday | 10:20 – 11:00 Emilien Le Jamtel 🗣 In the world of cryptocurrency-related malware, mining currencies based on cryptonote technology like Monero (XMR) is a growing threat for organizations. We can observe that interest in such cryptocurrencies has increased dramatically for malicious actors those past months because
Swimming in the Cryptonote Pools Read More »
Code Cartographer’s Diary
Code Cartographer’s Diary Botconf 2018 Wednesday | 11:30 – 12:30 Daniel Plohmann 🗣 | Steffen Enders | Elmar Padilla At last year’s Botconf, we have launched Malpedia [1], our community-driven approach to create a free and independent resource for rapid identification and actionable context when investigating malware. While only touching the surface of analysis possibilities last time (mostly surveying
Code Cartographer’s Diary Read More »
In-depth Formbook Malware Analysis
In-depth Formbook Malware Analysis Botconf 2018 Wednesday | 15:00 – 15:40 Rémi Jullian 🗣 Form-grabber malware are nowadays quite common. They provide simple yet effective methods for stealing infected users’ credentials. They are named thereby since they target HTML forms’ submissions, made by web-browsers. Sometimes, they also provide classical password stealer capabilities such as key-logging,
In-depth Formbook Malware Analysis Read More »
Collecting Malicious Particles from Neutrino Botnets
Collecting Malicious Particles from Neutrino Botnets Botconf 2018 Wednesday | 16:40 – 17:20 Jakub Souček 🗣 | Jakub Tomanek 🗣 | Peter Kálnai Neutrino Bot (also known and detected as Win/Kasidet) is a rapidly changing threat. It first became known around December 2013. It has been actively developed ever since resulting in version 5.4 at the very beginning of
Collecting Malicious Particles from Neutrino Botnets Read More »
Automation, structured knowledge in Tactical Threat Intelligence
Automation, structured knowledge in Tactical Threat Intelligence Botconf 2018 Wednesday | 17:50 – 18:30 Ronan Mouchoux 🗣 | Ivan Kwiatkowski 🗣 The connected societies facing ever evolving risks, traditional cyber security solutions have been charged by the popular jury for incompetence. Yet they are working for what they have been designed for, the rise of targeted attacks
Automation, structured knowledge in Tactical Threat Intelligence Read More »
Hunting for Silence
Hunting for Silence Botconf 2018 Thursday | 11:50 – 12:40 Rustam Mirkasymov 🗣 Edit
Hunting for Silence Read More »
Fluxxy Dissection
Fluxxy Dissection Botconf 2020 Tuesday | 13:30 – 14:00 Matthieu Kaczmarek 🗣 The first reference to Fluxxy is due to N. Summerlin and B. Porter in 2013 [1]. They describe a network of proxy dedicated to cybercrime operations. While this rogue hosting service has been running for nine years, its intelligence coverage remains low. Fluxxy
Inline Detection of Copy-Paste Botnet C&C
Inline Detection of Copy-Paste Botnet C&C Botconf 2020 Tuesday | 14:00 – 14:30 Jordan Garzon 🗣 | Asaf Nadler 🗣 The source code of botnets is often leaked online and re-used by new botnets. The re-use of source code assists bot-owners in quickly setting up their botnets, but it also inherits similarities to known botnets that can
Inline Detection of Copy-Paste Botnet C&C Read More »
An overview of the Botnet Simulation Framework
An overview of the Botnet Simulation Framework Botconf 2020 Tuesday | 14:30 – 15:00 Leon Böck 🗣 | Shankar Karuppayah | Max Mühlhäuser | Emmanouil Vasilomanolakis Conducting botnet research is oftentimes limited to the anal-ysis of active botnets. This prevents researchers from testing detectionand tracking mechanisms on potential future threats. Specifically in thedomain of P2P botnets, the configuration parameters, network churnand
An overview of the Botnet Simulation Framework Read More »