The Dark Side of the ForSSHe Botconf 2018 Thursday | 16:30 – 17:20 Romain Dumont 🗣 | Hugo Porcher 🗣 In February 2014, ESET researchers from Montreal published a report on a group who compromised more than 40,000 Linux servers worldwide since 2011. ESET named this campaign Windigo. At the centre of this operation, Ebury, an OpenSSH […]
The Dark Side of the ForSSHe Read More »
Mirai: Beyond the Aftermath Botconf 2018 Friday | 10:10 – 10:40 Rommel Joven 🗣 | David Maciejak | Jasper Manuel Two years have passed since Mirai unleashed its wrath to the world by targeting high profile victims. Many things have happened since then, the good, the author responsible has already been convicted, the bad, source code was released to
Mirai: Beyond the Aftermath Read More »
Leaving no Stone Unturned – in Search of HTTP Malware Distinctive Features Botconf 2018 Friday | 11:10 – 11:50 Piotr Białczak 🗣 When we analyze malware C&C network traffic we often see that it contains HTTP protocol. Sometimes the messages are obfuscated and sometimes sent as plain text. They can be intentionally crafted to look
Leaving no Stone Unturned – in Search of HTTP Malware Distinctive Features Read More »
Stagecraft of Malicious Office Documents – A Look at Recent Campaigns Botconf 2018 Thursday | 10:20 – 10:50 Nirmal Singh 🗣 | Deepen Desai 🗣 | Tarun Dewan 🗣 Malicious office documents have become a favorite malware delivery tool for malware authors. We have observed an increase in use of malicious documents over past 4 years. 30% of the
Stagecraft of Malicious Office Documents – A Look at Recent Campaigns Read More »
Let’s Go with a Go RAT! Botconf 2018 Friday | 11:50 – 12:20 Yoshihiro Ishikawa 🗣 | Shinichi Nagano 🗣 The Go language (GoLang) is an open source programming language developed by Google Inc. in 2009, and it can be run on various platforms such as Linux, Mac, Windows, Android.Speaking of malware using Golang, Mirai is one
Let’s Go with a Go RAT! Read More »
Judgement Day Botconf 2018 Thursday | 15:10 – 16:00 Thomas Siebert 🗣 – Suspsense 🙂 Edit
Tracking Actors through their Webinjects Botconf 2018 Friday | 12:20 – 13:00 James Wyke 🗣 Webinjects have been a feature of banking malware ever since they were popularised with great success by early families such as Zeus. In that time writing Webinjects has become a highly specialized skill with off-the-shelf Webinjects systems becoming as popular
Tracking Actors through their Webinjects Read More »
Unhiding the darkweb at scale Botconf 2018 Lightning talks | 17:20 – 18:15 Patrice Auffret 🗣 Edit PDF
Unhiding the darkweb at scale Read More »
Swimming in the Cryptonote Pools Botconf 2018 Wednesday | 10:20 – 11:00 Emilien Le Jamtel 🗣 In the world of cryptocurrency-related malware, mining currencies based on cryptonote technology like Monero (XMR) is a growing threat for organizations. We can observe that interest in such cryptocurrencies has increased dramatically for malicious actors those past months because
Swimming in the Cryptonote Pools Read More »
Code Cartographer’s Diary Botconf 2018 Wednesday | 11:30 – 12:30 Daniel Plohmann 🗣 | Steffen Enders | Elmar Padilla At last year’s Botconf, we have launched Malpedia [1], our community-driven approach to create a free and independent resource for rapid identification and actionable context when investigating malware. While only touching the surface of analysis possibilities last time (mostly surveying
Code Cartographer’s Diary Read More »