Operation PZCHAO

Presented at BSidesSF 2019, March 3, 2019, 11:45 a.m. (30 minutes).

Nowadays cyber-attacks are growing in complexity as threat actors divide payloads in multiple modules with highly specialized uses to achieve a target's compromise. The past few years have seen high-profile cyber-attacks that shifted from damaging the targets' digital infrastructures to stealing highly sensitive data, silently monitoring the victim, and constantly laying the ground for a new wave of attacks. This is also the case of a custom-built piece of malware that we have been monitoring for several months as it wreaked havoc in Asia by targeting a number of high-profile institutions. Our threat intelligence systems picked up the first indicators of compromise in July last year and we have dissected it to better understand its capabilities, its communication techniques, and ultimately its impact on the victim's data.

Presenters:

• Ivona-Alexandra Chili
  Ivona Alexandra Chili is a Forensics Engineer in the Bitdefender Cyber Threat Intelligence Lab. She has recently graduated Computer Sciences at the Alexandru Ioan Cuza University in Iasi and is currently pursuing a bachelor's degree. With almost three years of experience in malware reverse enginnering, she aims to become a recognized professional in the field of cyber security. She strongly believes that working in anti-malware research sharpens a multitude of technical skills that would remain dormant in any other industry.

Links:

• https://bsidessf2019.sched.com/event/Jdd5/operation-pzchao

Similar Presentations:

• VB2016 / Modern Attacks on Russian Financial Institutions
• VB2016 / BlackEnergy - What We Really Know About the Notorious Cyber Attacks
• VB2017 / Inside Netrepser - a JavaScript-based targeted attack