Botconf Author Listing

Despite the ever growing number of malware families, botnets and criminal campaigns; there is only a defined few means by which malware can find its victims. This talk will be a deep dive into tracking exploit kits and the infrastructure behind them. Starting with using our own telemetry and Microsoft’s Malicious URL feed from their Bing crawler, a global visibility has been established into exploit kit activity and using this starting point, we will cover how to track and differentiate exploit kits, their payloads and campaigns and uncovering their backend infrastructure.

We have all seen the splashy headlines of large threats being subjected to takedowns only to re-emerge days (or hours) later. A few takedowns, however, have achieved long term results. This talk will focus on how recent successful operations were accomplished, what tools are the most helpful and what we all can do to make takedowns more frequent and more successful.