Botconf 2020

It Hurt Itself in Confusion: No distribute scanners and stealthy malware

Botconf 2020 Friday | 14:00 – 14:20
Liv Rowley 🗣 | Mathieu Gaucheler 🗣

No distribute antivirus scanners (NDSs) provide cybercriminals with the ability to test the stealthiness of their malware before ever using it. As NDSs do not distribute hashes, they’re the ideal cybercriminal testing […]

Building and maintaining a honeypot for medical devices

Botconf 2020 Friday | 14:20 – 14:50
Axelle Apvrille 🗣

As confinement against COVID-19 began, I decided to do my part and help secure medical devices. I built a honeypot for medical devices, both to lure attackers off real equipment and to learn how they intended to

Tracking Unsafe Services that are Hosted by Bots using IP Reputation

Botconf 2020 Tuesday | 13:10 – 13:30
Asaf Nadler 🗣 | Jordan Garzon 🗣

In this talk, we present a system to identify and track unsafe services that are hosted on bots. The system operates by identifying services whose hosting IP address was marked as a

Honeypot + graph learning + reasoning = scale up your emerging threat analysis

Botconf 2020 Friday | 14:50 – 15:20
Ali Fakeri-Tabrizi 🗣 | Hongliang Liu 🗣 | Anastasia Poliakova | Yohai Einav

You must see thousands of new threats hitting your honeypot, what would you do next? Buying more coffee for the security research team so they can keep analyzing

A detailed look into the Mozi P2P IoT botnet

Botconf 2020 Thursday | 13:00 – 13:20
Andreas Klopsch 🗣 | Chris Dietrich 🗣 | Raphael Springer 🗣

Since December 2019, we have reverse engineered and tracked the activity and infection population of a botnet family referred to as Mozi that infects Linux-based Internet-of-Things (IoT) devices. Mozi implements a peer-to-peer

Hunting the Quasar Family – How to Hunt a Malware Family

Botconf 2020 Wednesday | 13:20 – 13:50
Shusei Tomonaga 🗣 | Tomoaki Tani 🗣 | Kota Kino 🗣

QuasarRAT is the most famous open source RAT project among many. Since xRAT (the predecessor of Quasar RAT) was released in 2014, many attackers have deployed this RAT in many

APKatche Me If You Can Uncovering Obfuscation-as-a-Service for Malicious Android Applications

Botconf 2020 Thursday | 14:20 – 14:50
Masarah Paquet-Clouston 🗣 | Vit Šembera 🗣 | Maria Jose Erquiaga | Sebastián García

Hide away! A well-obfuscated malicious application can run on a device for a long time without detection, avoiding the-cat-and-mouse race between attackers and defenders. Still, how easy is it

The Winnti Group: an analysis of their latest activities

Botconf 2020 Thursday | 13:50 – 14:20
Mathieu Tartare 🗣

The Winnti Group, active since at least 2012, is responsible for high-profile supply-chain attacks against the video game and software industries, as well as the healthcare and education sector. Some of their most notorious attacks were

A Proposed Civil Liability Framework for Disrupting Botnets, with a particular focus on Smart Devices

Botconf 2020 Thursday | 13:20 – 13:50
Iain Nash 🗣

This paper proposes a legal methodology aimed at disrupting Botnets, whose nodes are mostly comprised of Smart Devices. The methodology allows for the attachment of civil liability to both the
