Sucker-punching Malware: A Case Study in Using Bad Malware Design Against Attackers

Presented at BSidesSF 2016, Feb. 29, 2016, 5 p.m. (25 minutes).

Software developers have provided unlimited job security for the infosec industry. Likewise, malware authors also have a history of making bad design choices that allow defenders opportunities to use those mistakes against them. From failed crypto implementations in ransomware to "license verification" of commercial malware tools, even malware software developers suck. This talk will focus on several case studies, one being of AlienSpy/JSocket and the design decisions made by the author that can be used to great effect to disable the malware worldwide. The earlier version, AlienSpy, was knocked out worldwide, forcing the developer to create an entirely new version of the malware and have all his customers reinstall (potentially losing their victims). Others will be added for interesting current events.


Presenters:

  • John Bambenek - Manager, Threat Systems - Fidelis Cybersecurity
    John Bambenek is Manager of Threat Systems for Fidelis Cybersecurity. He specializes in surveillance of online threats and disruption of ongoing campaigns. He speaks at conferences around the world and runs several private intelligence groups focusing on takedowns and disruption of criminal entities.
  • Hardik Modi - VP Threat Research - Fidelis Cybersecurity
    Hardik Modi is the VP for Threat Research at Fidelis Cybersecurity where he manages the team responsible for the collection, analysis and distribution of threat intelligence to our customers worldwide. He has over 15 years of experience in the network and security industry.
