Botconf Author Listing

Suguru Ishimaru


Last known affiliation: Kaspersky

Date: 2019-12-03
How to track an Android botnet by OSINT and APK analysis tools
Suguru Ishimaru 🗣 | Manabu Niseki 🗣 | Hiroaki Ogawa 🗣

Abstract (click to view)

Analyzing malware is an important part of preventing and detecting cyber threats. But it’s not enough. You should learn how malware is spread for understanding the overall threat landscape. So we’d like to propose a unique training which combines malware analysis and C2 / landing page detection by holding Roaming Mantis as an example.

Roaming Mantis is a campaign which uses DNS hijacking to distribute cyber threats such as web-mining, phishing and malicious Android applications. This criminals activities were discovered by Mcafee. After then, the campaign is named by Kaspersky in April 2018 and it’s still very active and rapidly evolving.

We’d like to propose a hands-on for research that takes the campaign as an example. More than 80% of our training is hands-on. Because, we believe analysts / researchers have doing own way everyday. So, we just want to share and introduce our way, method, tools and viewpoints with attendees through this course.

Date: 2019-12-06
Roaming Mantis: A Melting Pot of Android Bots
Suguru Ishimaru 🗣 | Manabu Niseki 🗣 | Hiroaki Ogawa 🗣

Abstract (click to view)

In March 2018, thousands of home routers were potentially compromised by a criminal campaign called “Roaming Mantis” in Japan to overwrite DNS settings to use a rogue DNS. This criminal has strong financial motivation. Devices under the compromised router, such as Android, iOS, PC were targeted. They have been rapidly improving their malicious contents for each platform. In addition, the attacker implemented their malicious contents which support 27 languages for targeting around the world. Based on our research, we would like to disclose the details of this campaign such as the mind of the criminals, the details of malicious contents and how they compromised routers to share with researchers and CERTs…

Slides Icon
PDF
TLP:GREEN
Date: 2024-04-26
Scroll to Top