Alexey Bukhteyev
Last known affiliation: Check Point
Bio: Alexey Bukhteyev is a malware reverse engineer at Check Point Software Technologies. He specializes in malware research automation, Windows kernel mode development and macOS emulation. He also analyzes the internals of malware with the help of disassemblers, debuggers, and other tools. His ultimate goal is to explain what a given piece of malware does and how it does it.
Date: 2022-04-28
How Formbook became XLoader and migrated to macOS
Alexey Bukhteyev 🗣 | Raman Ladutska 🗣
Abstract
In this talk we analyze the prevalent malware family Formbook and its successor XLoader from different angles, including the OSINT and technical sides. XLoader is a logical step in Formbook’s evolution: it is now able to target not only Windows but macOS as well.
Our aim is to help listeners understand how the malware came to top prevalence lists, which approaches and tools to use for the analysis of this and other cases, and how to stay protected from this threat.