Presented at
DeepSec 2013 „Secrets, Failures, and Visions“,
Unknown date/time
(Unknown duration).
Greg Hoglund explained at BlackHat 2010 that the development environments that malware authors use leaves traces in the code which can be used to attribute malware to a a individual or a group of individuals. Not with the precision of name, date of birth and address but with evidence that a arrested suspects computer can be analysed and compared with the "tool marks" on the collected malware sample.
Presenters:
-
Michael Boman
- Independent Researcher
Security consultant during daytime, malware researcher at nighttime. My latest claim to fame is the MART Project (Malware Analysts Research Tool) which is more like a collection of tools and procedures then a stand-alone application. MART allows a malware analyst to quickly analyse malware on a limited time and budget.
Links:
Similar Presentations: