Rocket Kitten: Advanced Off-the-Shelf Targeted Attacks Against Nation States: A Deep Technical Analysis

Presented at 31C3 (2014), Dec. 27, 2014, 11 p.m. (60 minutes)

Rocket Kitten is an advanced APT set of campaigns, with a twist - off-the-shelf malware that won’t shame a nation state. The talk will combine an assessment of the threat group’s modus operandi with a technical deep dive. Prepare for some hex dumps.

This talk will uncover a set of high profile espionage campaigns from 2014 that involve a commercial attack framework – a highly specialized tool that has not been publicly documented and remained undetected in multiple operations. We will discuss the framework's technical design and review its features and capabilities that make it a premium instrument for stealth intrusions. We will further discuss how the tool was delivered to victims and how the compromise was carried out.


  • gadi
    Gadi is CEO and founder of Cymmetria, a cyber security startup, Chairman of the Board of the Israeli CERT and Founding Chairman of the Cyber Threat Intelligence Alliance. He is widely recognized for his work in internet security operations and global incident response, considered the first botnet expert. He specializes in corporate security, cyber intelligence and cyber crime. He was previously VP of Cybersecurity Strategy for Kaspersky Lab and led PwC's Cyber Security Center of Excellence, located in Israel. Prior to that Gadi was CISO for the Israeli government Internet operation, founder of the Israeli Government CERT and is a research fellow at the Yuval Ne`eman Workshop for Science, Technology and Security, at Tel Aviv University, working on cyber warfare projects. Gadi authored two books on information security, organizes global professional working groups, chairs worldwide conferences, and is a frequent lecturer.
  • tw
    tw enjoys advanced cyber threat analysis that goes beyond pressing F5.