The Bagsu Banker Case Botconf 2019 Thursday | 11:45 – 12:10 Benoit Ancel 🗣 The carding ecosystem is constantly evolving. The actors have to adapt their methodology to continue to steal from the banks with a good cost effectiveness ratio. To maintain this balance, the carders have moved towards infrastructure as a service, making the […]
The Bagsu Banker Case Read More »
How to track an Android botnet by OSINT and APK analysis tools Botconf 2019 Tuesday | 13:00 – 18:30 Suguru Ishimaru 🗣 | Manabu Niseki 🗣 | Hiroaki Ogawa 🗣 Analyzing malware is an important part of preventing and detecting cyber threats. But it’s not enough. You should learn how malware is spread for understanding the overall threat landscape.
How to track an Android botnet by OSINT and APK analysis tools Read More »
Honeypot + graph learning + reasoning = scale up your emerging threat analysis Botconf 2020 Friday | 14:50 – 15:20 Ali Fakeri-Tabrizi 🗣 | Hongliang Liu 🗣 | Anastasia Poliakova | Yohai Einav You must see thousands of new threats hitting your honeypot, what would you do next? Buying more coffee for the security research team so they can keep analyzing
Honeypot + graph learning + reasoning = scale up your emerging threat analysis Read More »
A detailed look into the Mozi P2P IoT botnet Botconf 2020 Thursday | 13:00 – 13:20 Andreas Klopsch 🗣 | Chris Dietrich 🗣 | Raphael Springer 🗣 Since December 2019, we have reverse engineered and tracked the activity and infection population of a botnet family referred to as Mozi that infects Linux-based Internet-of-Things (IoT) devices. Mozi implements a peer-to-peer
A detailed look into the Mozi P2P IoT botnet Read More »
Fritzfrog: A Story of a Unique P2P Botnet Botconf 2020 Wednesday | 13:50 – 14:20 Ophir Harpaz 🗣 Botnets, as Botconf’s participants know very well, vary significantly. Their goals differ, as well as their TTPs and implementations. Nonetheless, most of them usually share the property of connecting to a remote attack server. In fact, great
Fritzfrog: A Story of a Unique P2P Botnet Read More »
Hunting the Quasar Family – How to Hunt a Malware Family Botconf 2020 Wednesday | 13:20 – 13:50 Shusei Tomonaga 🗣 | Tomoaki Tani 🗣 | Kota Kino 🗣 QuasarRAT is the most famous open source RAT project among many. Since xRAT (the predecessor of Quasar RAT) was released in 2014, many attackers have deployed this RAT in many
Hunting the Quasar Family – How to Hunt a Malware Family Read More »
APKatche Me If You Can Uncovering Obfuscation-as-a-Service for Malicious Android Applications Botconf 2020 Thursday | 14:20 – 14:50 Masarah Paquet-Clouston 🗣 | Vit Šembera 🗣 | Maria Jose Erquiaga | Sebastián García Hide away! A well-obfuscated malicious application can run on a device for a long time without detection, avoiding the-cat-and-mouse race between attackers and defenders. Still, how easy is it
The Winnti Group: an analysis of their latest activities Botconf 2020 Thursday | 13:50 – 14:20 Mathieu Tartare 🗣 The Winnti Group, active since at least 2012, is responsible for high-profile supply-chain attacks against the video game and software industries, as well as the healthcare and education sector. Some of their most notorious attacks were
The Winnti Group: an analysis of their latest activities Read More »
A Proposed Civil Liability Framework for Disrupting Botnets, with a particular focus on Smart Devices Botconf 2020 Thursday | 13:20 – 13:50 Iain Nash 🗣 This paper proposes a legal methodology aimed at disrupting Botnets, whose nodes are mostly comprised of Smart Devices. The methodology allows for the attachment of civil liability to both the
Hunting MageCart Skimmers Botconf 2020 Wednesday | 13:00 – 13:20 Max ‘Libra’ Kersten 🗣 Unsuspecting online shoppers risk credit card fraud by shopping on legitimate websites due to online credit card skimming. The COVID-19 pandemic forced many to shop online, unwillingly helping the criminals behind the online credit card skimmer operations. Aside from covering different
Hunting MageCart Skimmers Read More »