Presented at
DEF CON 17 (2009),
July 31, 2009, 4:30 p.m.
(50 minutes).
We see a lot of compromised environments every year. In 2008 alone, we performed full forensic investigations on over 150 different environments ranging from financial institutions, hotels, restaurants and even some casinos not too far from DEF CON. This presentation will show the inner workings of three very interesting pieces of malware, ranging from somewhat simple to very complex. Each sample was actually used to steal confidential data that resulted in significant fraud and business loss for the organizations we found them at. Many of the pieces of malware we have been running across are very advanced pieces of software written by very skilled developers. The complexity in their propagation, control channels, and data exporting properties will be very interesting to anyone interested in this topic.
Presenters:
-
Jibran Ilyas
- Senior Forensic Investigator, SpiderLabs, Trustwave
Jibran Ilyas is a Senior Forensic Investigator at Trustwave's SpiderLabs. He has investigated some of nations largest data breaches and is a regular contributor for Visa's published security alerts through his white papers. In his past roles, he has been involved in Intrusion Detection Systems and Firewall deployments and setting up Security Operations Centers for Fortune 500 companies. His research interests include reverse engineering and anti-forensics. Jibran recently earned his degree from the Graduate MIS program at Northwestern University.
-
Nicholas J. Percoco
- Vice President of SpiderLabs, Trustwave
Nicholas J. Percoco is the head of SpiderLabs -- the advanced security team at Trustwave that has performed more than 500 cyber forensic investigations globally, thousands of ethical hacking and application security tests. He has more than 14 years of information security experience. Nicholas acts as the lead security advisor to many of Trustwave's premier clients by assisting them in making strategic decisions around various security and compliance regimes. As a speaker, he has provided unique insight around security breaches and trends to public and private audiences throughout North America, South America, Europe, and Asia. Prior to Trustwave, Nicholas ran security consulting practices at both VeriSign and Internet Security Systems.
Links:
Similar Presentations: