Modern CrimeWare Tools and Techniques: An Analysis of Underground Resources

Presented at The Next HOPE (2010), July 17, 2010, 3 p.m. (60 minutes)

This talk will highlight the features, functions, availability, and impact of modern crimeware tools. The talk will have a specific focus on the Zeus payload and command/control application, and will touch upon other leading banking malware. In addition to detailed technical information, the talk will highlight the history and evolution of this particular trojan and the underground economy that drives it. Furthermore, there will be discussion of other tools that are often used in conjunction with the payload, such as remote exploit kits. The talk will also highlight mitigation techniques and basic design principles for web applications and server configurations that can help reduce the impact of crimeware on individuals and organizations.

Presenters:

• Alexander Heid
  Alexander Heid is an information security researcher from Miami. He is a founding member of HackMiami, a hackerspace in south Florida, and is also a board member for the south Florida OWASP organization. Alexander was quoted by Technology Review Magazine in February 2010 regarding research on the Zeus trojan and antivirus evasion techniques. He is currently employed as a vulnerability analyst for a Fortune 20 financial firm.

Links:

• https://infocon.org/cons/2600/The Next Hope (2010)/The Next HOPE (2010) - Modern Crimeware Tools and Techniques - An Analysis of Underground Resources.srt (subtitles)
• https://infocon.org/cons/2600/The Next Hope (2010)/The Next HOPE (2010) - Modern Crimeware Tools and Techniques - An Analysis of Underground Resources.mp4
• https://www.youtube.com/watch?v=xmDMv62hL_o

Similar Presentations:

• Black Hat Asia 2017 / 24 Techniques to Gather Threat Intel and Track Actors
• HOPE Number Nine (2012) / Crimeware Tools and Techniques of 2012: Past, Present, and Future
• THOTCON 0x7 (2016) / Crimeware 101