Old Malware, New tools: Ghidra and Commodore 64, why understanding old malicious software still matters

Presented at DEF CON 30 (2022), Aug. 12, 2022, 10 a.m. (45 minutes)

Why looking into a 30 years old "malicious" software make sense in 2022? Because this little "jewels", written in a bunch of bytes, reached a level of complexity surprisingly high. With no other reason than pranking people or show off technical knowledge, this software show how much you can do with very limited resources: this is inspiring for us, looking at modern malicious software, looking at how things are done and how the same things could have been done instead.

Presenters:

• Cesare Pizzi - Hacker
  Cesare Pizzi is a Security Researcher, Analyst, and Technology Enthusiast at Sorint.lab. He develops software and hardware, and tries to share this with the community. Mainly focused on low level programming, he develops and contributes to OpenSource software (Volatility, OpenCanary, Cetus, etc), sometimes hardware related (to interface some real world devices) sometimes not. Doing a lot of reverse engineering too, so he feels confident in both "breaking" and "building" (may be more on breaking?).

Links:

• https://forum.defcon.org/node/241926
• https://infocon.org/cons/DEF CON/DEF CON 30/DEF CON 30 video and slides/DEF CON 30 - Cesare Pizzi - Old Malware, New Tools - Ghidra and Commodore 64.mp4
• https://infocon.org/cons/DEF CON/DEF CON 30/DEF CON 30 video and slides/DEF CON 30 - Cesare Pizzi - Old Malware, New Tools - Ghidra and Commodore 64.srt (subtitles)
• https://www.youtube.com/watch?v=Dl7l7gdr34o