Botconf 2019

BackSwap Malware Campaign Evolution

Botconf 2019 Thursday | 15:20 – 15:40 | Carlos Rubio Ricote 🗣 | David Pastor Sanz 🗣

This article will explain in detail the follow-up since the BackSwap malware was discovered in May 2018, as well as the different campaigns that the group behind BackSwap has carried out towards financial institutions from different countries, […]


Winnti Arsenal: Brand-new Supplies

Botconf 2019 Thursday | 16:10 – 16:50 | Mathieu Tartare 🗣 | Marc-Étienne Léveillé 🗣

This presentation is the result of long-term research uncovering new unpublished details on the arsenal of the Winnti umbrella. The Winnti umbrella consists of multiple threat actors having in common the use of a custom backdoor for their


DFIR & Crisis Management – Post-mortems & Lessons Learned in the Pain from the Field

Botconf 2019 Thursday | 16:55 – 17:45 | Vincent Nguyen 🗣 | Jean Marsault 🗣 | Antoine Vallée 🗣

This presentation aims to summarize the best wins & fails of crisis management based on our field experience. We will cover different phases of a crisis


End-to-end Botnet Monitoring with Automated Config Extraction and Emulated Network Participation

Botconf 2019 Friday | 09:30 – 10:10 | Kevin O’Reilly 🗣 | Keith Jarvis 🗣

With the quantity and sophistication of bots and botnets ever increasing, automation is key in gathering threat intelligence, and disseminating it to defence systems. With botnets’ rapid flux in nodes and update


Suricata for bot hunting and classification

Botconf 2019 Tuesday | 14:00 – 17:30 | Tatyana Shishkova 🗣

One of the distinguishing features of botnets is communication between the bot and the C&C server. Analyzing network traffic is a part of researching a botnet. Suricata, an open-source network threat detection engine, is a powerful tool not only


DeStroid – Fighting String Encryption in Android Malware

Botconf 2019 Wednesday | 10:45 – 11:15 | Daniel Baier 🗣 | Martin Lambertz 🗣

In this paper we present DeStroid, an approach to fully automatically decrypt obfuscated strings from Android apps. We focus in particular on current Android malware using advanced string encryption techniques and show that DeStroid outperforms


Unrevealing the Architecture Behind the Counter-Strike 1.6 Botnet: Zero-Days and Trojans

Botconf 2019 Wednesday | 12:05 – 12:35 | Ivan Korolev 🗣 | Igor Zdobnov 🗣

The Belonard Botnet was designed to promote servers in Counter-Strike 1.6. In order to achieve that, the botmaster employed the Belonard Trojan, which was spread via malicious game server; an infected pirated

