Editorial team

Unveiling the Shadows: The Dark Alliance between GuLoader and Remcos Botconf 2024 Thursday2024-04-25 | 12:05 – 12:35 Alexey Bukhteyev 🗣 | Arie Olshtein In the ever-evolving landscape of cyber threats, seemingly legitimate tools have taken a dark turn, emerging as potent weapons in the hands of cybercriminals. Notable examples include the Remcos RAT and GuLoader (also known […]

Gozi ISFB – Memoirs of a banking trojan Botconf 2024 Thursday2024-04-25 | 13:50 – 14:30 Fred Harrison 🗣 Gozi ISFB has been a persistent banking trojan that has gone through many changes over its lifetime. Being observed for generic and banking fraud campaigns but also now slowly pivoting into the ransomware as a service world

GenRex Demonstration: Level Up Your Regex Game Botconf 2024 Thursday2024-04-25 | 14:35 – 15:15 Dominika Regéciová 🗣 GenRex is a unique tool for detecting similarities in artifacts from executable files and the generation of regular expressions. This paper demonstrates how to use GenRex to maximize the usage of regular expressions automatically created from behavioral reports

Telegram-as-a-C2 or a Fourfold Tale of Bad OPSEC Botconf 2024 Thursday2024-04-25 | 15:40 – 16:10 Pol Thill 🗣 In recent times, Telegram Bots have emerged as a prominent Command and Control (C2) mechanism, gaining popularity among threat actors for their resilience against takedowns, user-friendly setup, and versatile configuration options. Both Advanced Persistent Threats (APTs) and

Caviar Scammers: Uncovering the SturgeonPhisher APT Group Botconf 2024 Thursday2024-04-25 | 16:15 – 16:55 Damien Schaeffer 🗣 SturgeonPhisher is a cyberespionage group active since at least October 2021 and that is also known as YoroTrooper. The group targets government officials, think-tanks, and employees of state-owned companies mostly in countries bordering the Caspian Sea – the