IcedID’s Icy Depths: A Year in Infrastructure and Trends Botconf 2024 Friday2024-04-26 | 09:30 – 10:10 Rachelle Goddin 🗣 | Josh Hopkins 🗣 This talk is a continuation on the subject of IcedID, which we presented at Botconf 2023. In our previous talk we covered methodologies for hunting IcedID infrastructure, subsequently explaining how we use these findings […]
IcedID’s Icy Depths: A Year in Infrastructure and Trends Read More »
Rhadamanthys: The new stealer making WAVs in the eCrime landscape Botconf 2024 Friday2024-04-26 | 10:10 – 10:30 Bea Venzon 🗣 In September 2022, Rhadamanthys first appeared in the eCrime landscape, with detailed forum posts that continue to capture the attention of both threat actors and security researchers. The malware itself is technically complex, utilizing a
Rhadamanthys: The new stealer making WAVs in the eCrime landscape Read More »
Monitoring 1st stage samples used by APTs and crime actors using images Botconf 2024 Friday2024-04-26 | 11:00 – 11:35 Jose Luis Sanchez Martinez 🗣 Images are a common feature of documents, but they can also be a valuable source of intelligence for security analysts. By tracking the images that threat actors use in their documents
Monitoring 1st stage samples used by APTs and crime actors using images Read More »
Malware distribution at scale – The ecosystem of TA577 Botconf 2024 Friday2024-04-26 | 12:10 – 12:40 Fabian Marquardt 🗣 TA577, also known as Tramp or TR is a prolific cybercrime actor that has specialized in distributing initial access malware to conduct ransomware attacks. Our talk at Botconf will be structured as follows. First, we give
Malware distribution at scale – The ecosystem of TA577 Read More »
A Taxonomic Overview of Prevalent Malware Communication Strategies Botconf 2024 Friday2024-04-26 | 13:40 – 14:10 Steffen Enders 🗣 | Daniel Plohmann 🗣 | Manuel Blatt The consistently large volume and diversity of malware poses a substantial threat to network security. In response, it is crucial to develop systematic strategies and countermeasures. This involves not only detecting and identifying malware
A Taxonomic Overview of Prevalent Malware Communication Strategies Read More »
Evasive Panda touring in Asia: AitM opening act followed by a duet of MgBot and Nightdoor Botconf 2024 Friday2024-04-26 | 14:10 – 14:50 Facundo Munoz 🗣 | Anh Ho 🗣 Evasive Panda, a China-aligned APT group engaged in cyberespionage since 2012, has recently introduced a not yet publicly documented backdoor, which we’ve named Nightdoor. Prior to this
Pikabot’s Sophisticated Evasion: We Catch Em All Botconf 2024 Friday2024-04-26 | 14:50 – 15:30 Kelsey Merriman 🗣 | Pim Trouerbach 🗣 The proliferation of sophisticated malware has posed exceptional challenges to the cybersecurity landscape with Pikabot emerging as a notable and evasive malware. We endeavor to provide a comprehensive and consumable analysis of the Pikabot malware. Utilizing
Pikabot’s Sophisticated Evasion: We Catch Em All Read More »
Into the Vapor to Tracking Down Unknown Panda’s Claw Marks Botconf 2024 Friday2024-04-26 | 15:30 – 16:10 Suguru Ishimaru 🗣 | Yusuke Niwa 🗣 | Motohiko Sato In August 2023, TrendMicro published a blog post announcing a new sophisticated Advanced Persistent Threat (APT) campaign known as “Earth Estries.” The campaign specifically targeted government-related organizations and technology companies in the
Into the Vapor to Tracking Down Unknown Panda’s Claw Marks Read More »
IoT Malware and Rookit Detections Using Electromagnetic Insights: Unveiling the Unseen Botconf 2024 Friday2024-04-26 | 11:35 – 12:10 Duy Phuc Pham 🗣 | Damien Marion 🗣 | Annelie Heuser The Internet of Things (IoT) is a network of interconnected devices, becoming increasingly complicated and suffering from inadequate security measures. Cybercriminals, especially those who specialise in malware and rootkits, recently
IoT Malware and Rookit Detections Using Electromagnetic Insights: Unveiling the Unseen Read More »