Takedown client-server botnets the ISP-way Botconf 2016 Thursday | 16:05 – 16:35 Quảng Trần Minh 🗣 Botnet is currently a existing threat to Internet users around the world. Users can lose money, personal information if infected. Bonet takedown has been a pressing need of many organizations in the world: the FBI, the national governments, the […]
Takedown client-server botnets the ISP-way Read More »
Detecting the Behavioral Relationships of Malware Connections Botconf 2016 Thursday | 16:40 – 17:10 Sebastián García 🗣 A normal computer infected with malware is difficult to detect. There have been several approaches in the last years which analyze the behavior of malware and obtain good results. The malware traffic may be detected, but it is
Detecting the Behavioral Relationships of Malware Connections Read More »
Analysis of Free Movies and Series Websites Guided by Users Search Terms Botconf 2016 Thursday | 17:15 – 17:35 Luis Alberto Benthin Sanguino 🗣 | Martin Clauß 🗣 Cybercriminals employ websites to infect victims with malware using techniques such as drive-by-download or social engineering. On the other hand, several approaches (e.g. client honeypots) exist to detect malicious
Analysis of Free Movies and Series Websites Guided by Users Search Terms Read More »
Nymaim Origins, Revival and Reversing Tales Botconf 2016 Friday | 09:30 – 10:00 Alberto Ortega 🗣 In this presentation we will talk about the return of Nymaim. We will emphasize on how they got into banking fraud and the complexity they added to the code to make reversing tough and also overcome dynamic analysis, signature
Nymaim Origins, Revival and Reversing Tales Read More »
Rough Diamonds in Banking Botnets Botconf 2016 Friday | 10:05 – 10:55 Jose Miguel Esparza 🗣 | Frank Ruiz 🗣 Millions of computers are infected and become part of botnets every day. Our relatives and most of our friends are happily infected, but some of these bots are more important than others. Botnet herders are aware of
Rough Diamonds in Banking Botnets Read More »
ISFB, Still Live and Kicking Botconf 2016 Friday | 11:25 – 12:15 Maciej Kotowicz 🗣 Also known as Gozi2/Ursnif, sometimes Rovnix, ISFB reappeared in early 2013 attracting some attention from the research community and a lot of confusion in the naming convention and to what was being analyzed. Then suddenly, it went dark again. However,
ISFB, Still Live and Kicking Read More »
Challenges for a cross-jurisdictional botnet takedown Botconf 2016 Friday | 12:20 – 13:00 Margarita Louca 🗣 Practical case: how legislation can improve Law Enforcement effectiveness in pursuing criminals acting in an international environment.What to do when criminals act as if they were multinational enterprises, delocalizing their criminal services across multiple jurisdictions? When Internet is borderless
Challenges for a cross-jurisdictional botnet takedown Read More »
Preventing File-Based Botnet Persistence and Growth Botconf 2016 Friday | 14:00 – 14:30 Kurtis Armour 🗣 In the current threat landscape, we see most botnets propagating via exploits and file based malware. Anything that touches the disk has the ability to be blocked via access controls on the host. New techniques utilize more than just
Preventing File-Based Botnet Persistence and Growth Read More »
Dridex Gone Phishing Botconf 2016 Friday | 14:35 – 15:15 Magal Baz 🗣 | Gal Meiri 🗣 In January 2016, we discovered a new modus operandi launched by Evil Corp, the organization that owned and operated Dridex banking Trojan. A new build was released to the wild, using Andromeda botnet platform, mainly targeting users in the UK.
Dridex Gone Phishing Read More »
Function Identification and Recovery Signature Tool Botconf 2016 Thursday | 12:20 – 12:50 Angel Villegas 🗣 Reverse Engineering benign or malicious samples can take a considerable amount of time and new samples are created daily. Leveraging disassemblers, like IDA Pro, a reverse engineer can analyze the same routines across several samples over the lifetime of
Function Identification and Recovery Signature Tool Read More »