This workshop takes us into the world of banking malware, and more specifically into researchers’ chase after configurations – the attack books that dictate which banks are targeted and how. These precious, ever-changing fragments of data, and the continuous change in encryption methods, keep us alert and on our toes.
In this workshop we learn about the modus operandi of banking malware and play the role of the researcher by going through a hands-on, guided process of analyzing encrypted configurations and studying how the data is protected. We shall study the way it is encrypted, eventually formulating a simple method of decryption. Our case study will be the infamous Dridex malware. Participants will be introduced to the world of banking fraud, gain an understanding of the process of researching encryption methods, acquire basic tools for addressing encrypted data of unknown format, and enjoy the thrill of a live challenge.