Evasions Fest of Korean Android Financial Menace – FakeCalls Botconf 2024 Thursday2024-04-25 | 10:10 – 10:40 Raman Ladutska 🗣 | Bohdan Melnykov When malware actors want to enter the business, they can choose markets where their profit is almost guaranteed to be worth the effort – according to past results. The malware does not need to be […]
Evasions Fest of Korean Android Financial Menace – FakeCalls Read More »
LightSpy2: feature-rich mobile surveillance tool set Botconf 2024 Thursday2024-04-25 | 11:00 – 11:30 Victor Chebyshev 🗣 Mobile malware poses a significant threat to user privacy and security, with the potential to carry out a wide range of malicious actions on infected devices. Beyond the familiar capabilities such as SMS message theft, call log recording, and
LightSpy2: feature-rich mobile surveillance tool set Read More »
The Supershell and its widespread Botnet Botconf 2024 Thursday2024-04-25 | 11:35 – 12:05 Chetan Raghuprasad 🗣 This presentation details the Supershell C2 framework. Threat actors are using this framework massively and creating botnets with the Supershell implants. Supershell is a relatively new C2 framework with a WEB-based command and control (C2) server written in Python
The Supershell and its widespread Botnet Read More »
Unveiling the Shadows: The Dark Alliance between GuLoader and Remcos Botconf 2024 Thursday2024-04-25 | 12:05 – 12:35 Alexey Bukhteyev 🗣 | Arie Olshtein In the ever-evolving landscape of cyber threats, seemingly legitimate tools have taken a dark turn, emerging as potent weapons in the hands of cybercriminals. Notable examples include the Remcos RAT and GuLoader (also known
Unveiling the Shadows: The Dark Alliance between GuLoader and Remcos Read More »
Gozi ISFB – Memoirs of a banking trojan Botconf 2024 Thursday2024-04-25 | 13:50 – 14:30 Fred Harrison 🗣 Gozi ISFB has been a persistent banking trojan that has gone through many changes over its lifetime. Being observed for generic and banking fraud campaigns but also now slowly pivoting into the ransomware as a service world
Gozi ISFB – Memoirs of a banking trojan Read More »
GenRex Demonstration: Level Up Your Regex Game Botconf 2024 Thursday2024-04-25 | 14:35 – 15:15 Dominika Regéciová 🗣 GenRex is a unique tool for detecting similarities in artifacts from executable files and the generation of regular expressions. This paper demonstrates how to use GenRex to maximize the usage of regular expressions automatically created from behavioral reports
GenRex Demonstration: Level Up Your Regex Game Read More »
Telegram-as-a-C2 or a Fourfold Tale of Bad OPSEC Botconf 2024 Thursday2024-04-25 | 15:40 – 16:10 Pol Thill 🗣 In recent times, Telegram Bots have emerged as a prominent Command and Control (C2) mechanism, gaining popularity among threat actors for their resilience against takedowns, user-friendly setup, and versatile configuration options. Both Advanced Persistent Threats (APTs) and
Telegram-as-a-C2 or a Fourfold Tale of Bad OPSEC Read More »
Caviar Scammers: Uncovering the SturgeonPhisher APT Group Botconf 2024 Thursday2024-04-25 | 16:15 – 16:55 Damien Schaeffer 🗣 SturgeonPhisher is a cyberespionage group active since at least October 2021 and that is also known as YoroTrooper. The group targets government officials, think-tanks, and employees of state-owned companies mostly in countries bordering the Caspian Sea – the
Caviar Scammers: Uncovering the SturgeonPhisher APT Group Read More »
Lightning talks Botconf 2024 Thursday2024-04-25 | 17:00 – 18:15 Éric Freyssinet 🗣 Edit
DESKTOP-Group –The Saga continues Botconf 2024 Lightning talks2024-04-25 Tom Ueltschi 🗣 Edit PDF
DESKTOP-Group –The Saga continues Read More »