Botconf 2023

Incremental clustering of malware packers using features based on transformed CFG

Additional paper | Ludovic Robin 🗣 | Corentin Jannier 🗣 | Jean-Yves Marion 🗣

Packer detection is an important topic because most malware is packed and this allows it to avoid detection based on static analysis. Identifying classes of packers is the key to effective detection


Syslogk Linux Kernel Rootkit – Executing Bots via “Magic Packets”

Wednesday | 17:05 – 17:35 | Long presentation | David Álvarez Pérez 🗣

In November 2022, we discovered a new version of the Syslogk Linux kernel rootkit affecting x86 and x86_64 processor architectures (udis86 disassembler dependency). We were not surprised, as the first version we


Read The Manual Locker: A Private RaaS Provider

Wednesday | 17:40 – 18:10 | Long presentation | Max ‘Libra’ Kersten 🗣

Another day, another ransomware-as-a-service provider, or so it seems. The “Read The Manual” (RTM) Locker gang targets corporate environments, forcing their affiliates to follow a strict ruleset. Is this yet another ransomware gang, or

