Trojans: A Reality Check

Presented at DEF CON 15 (2007), Aug. 3, 2007, 8 p.m. (50 minutes)

Today there is a lot of hype around some new proof-of-concept technology or around politically motivated trojans, etc. This talk will deliver a reality check, give an idea what kind of malware the McAfee Research organisation is actually seeing to be used in the real world and show how the different trojans work, what the impact is. The material used are internal statistics of the various threats sent to or discovered by us, some more detailed analysis to make functionality more transparent and some demo's, screenshots, etc. to make clear how complex the trojans used today in real attacks are. This also gives a a very clear picture of how the threat changed now that there is a lot of money involved in using trojans to steal personal data of all kind - from bank details to identities in online games.


Presenters:

  • Dirk Kollberg - Virus Research Lead EMEA, McAfee
    Dirk Kollberg works as Virus Research Lead within the McAfee Avert, focused on analysis of worms such as massmailer, P2P and service exploiting threats like Slammer or RPC-DCOM threats. Dialers, PWS trojans, IRC bots, script- and macro viruses. Being born and working based in Hamburg, he does have a good view on European threats, especially on those from Germany. Before he started at McAfee in 1999, he has been working for 5 years as electronics technician on automated manufacturing processes and another year as 3D designer for product presentations on the web. He blames Commodore PET as reason of his addiction to bits and bytes.
  • Toralv Dirro - Avert Labs EMEA Security Strategist, CISSP, McAfee
    Toralv Dirro works for McAfee as Avert Labs EMEA Security Strategist. Working in in Virus Research for many years since 1994 at McAfee (Dr Solomon's Software back then) after analysing viruses at the University of Hamburg before that, he got finally got bored with debugging things and focused on Network IPS and Vulnerability Assessment / Management. He recently rejoined the Research team. Toralv Dirro is a well reputed expert on next generation AV Technology and Network Intrusion Prevention and is a frequent speaker on those topics.

Links:

Similar Presentations: