Keynote – Putting an end to Retadup
Keynote – Putting an end to Retadup Botconf 2019 Wednesday | 14:00 – 14:50 Gilles Schwoerer 🗣 | Michal Salat 🗣
An Android Botnet Analysis – Shaoye Botnet Botconf 2019 Wednesday | 14:55 – 15:35 Min-Chun Tsai 🗣 | Jen-Ho Hsiao 🗣 | Ding-You Hsiao 🗣 The Shaoye botnet's activity began in June 2017. The peak of attacks was seen in January 2018. TWNCERT (Taiwan National Computer Emergency Response Team) received intelligence about a DNS hijack from Japan
Tracking botnets with Long Term Sandboxing Botconf 2019 Wednesday | 16:05 – 16:45 Piotr Białczak 🗣 | Adrian Korczak 🗣 Sandbox systems have become an efficient way to analyze malware behavior. They can provide information about malware in a quick and automatic manner. However, their analysis time is usually limited to only a couple of minutes, thus
Insights and Trends in the Data-Center Security Landscape Botconf 2019 Wednesday | 16:50 – 17:30 Daniel Goldberg 🗣 | Ophir Harpaz 🗣 We deployed a large collection of high-interaction deception servers in multiple cloud environments worldwide. Each such deception machine is capable of capturing and recording attacks on various services. This infrastructure provides us with a
The Hunt for 3ve Botconf 2019 Wednesday | 17:35 – 18:15 Dimitris Theodorakis 🗣 | Ryan Castellucci 🗣 3ve (pronounced “Eve”) was a global, complex family of online ad fraud operations, each designed to evade detection. A cross-industry alliance dismantled 3ve, resulting in the indictment and arrest of its perpetrators. This is the first time that consequences
Guildma: Timers Sent from Hell Botconf 2019 Wednesday | 18:20 – 19:00 Adolf Středa 🗣 | Luigino Camastra 🗣 | Jan Vojtěšek 🗣 For several months now, we have been tracking a malware campaign called Guildma. Guildma is a powerful combination of a RAT (remote access tool), spyware, password stealer and banker malware, mainly distributed via malicious attachments in phishing
Honor Among Thieves: How Stealer Malware Fuels an Underground Economy of Compromised Accounts Botconf 2019 Thursday | 09:35 – 10:15 Brian Carter 🗣 Stealers are a class of malicious software that reads in saved credentials from common programs on computers and sends them to criminals who will attempt to monetize the stolen information. This presentation covers
Bot with Rootkit: Update and Mine! Botconf 2019 Thursday | 10:20 – 10:40 Alexander Eremin 🗣 | Alexey Shulmin 🗣 In June of 2019 we got an interesting sample. When analyzing the activity of this sample, we noticed that for some reason it downloaded a legitimate Microsoft update KB3033929 from its own CnC and installed it on
“DESKTOP-Group” – Tracking a Persistent Threat Group (using Email Headers) Botconf 2019 Thursday | 11:10 – 11:40 Tom Ueltschi 🗣 At BotConf 2015, I presented a lightning talk “Creating your own CTI in 3 minutes”. This presentation is building on that capability to do semi-automated malware analysis based on a commercial sandbox solution. I will
The Bagsu Banker Case Botconf 2019 Thursday | 11:45 – 12:10 Benoit Ancel 🗣 The carding ecosystem is constantly evolving. The actors have to adapt their methodology to continue to steal from the banks with a good cost effectiveness ratio. To maintain this balance, the carders have moved towards infrastructure as a service, making the