Loading…
Botconf 2017 has ended

Log in to bookmark your favorites and sync them to your phone or calendar.

Criminology / Behaviour of actors [clear filter]
Wednesday, December 6
 

11:10 CET

Get Rich or Die Trying
In a World where oil is scarce and people click mail attachments they really shouldn’t, One Man sets out on an epic journey for glory, conquest, and other people’s money. So begins the amazing tale of the “Oil bot” campaign: a tale of a single man who ran a sting operation on a good share of the industrial sector, armed with nothing but his supply of off-the-shelf RATs, his very subpar OPSEC standards, and his Nigerian hutzpah. The talk will follow the entire course of Check Point’s investigation into this affair – from the few emails that didn’t add up, through the campaign’s not-so-intricate C&C infrastructure, to the point where we were inside the campaign, looking at all the incredulous details. How do you scam people into scamming other people? What leads a fraudster to leave a trail of incriminating footprints?

And what does a Nigerian scammer want with an energy company, anyway? One thing’s for sure: In this brave new world, the Nigerian prince is no longer happily calling to inform you that you should transfer your money to them; it is you who is angrily calling your bulk provider, asking where all your money went.

Speakers
avatar for Or Eshed

Or Eshed

Lead Threat Intelligence Analyst, Check Point
Or Eshed - Lead threat intelligence analyst in Check Point’s threat intelligence group. Has 10 years of experience in intelligence and investigations. Expertise in data analysis and pattern recognition.
avatar for Mark Lechtik

Mark Lechtik

Malware Resarch Team Leader, Check Point
Mark is the malware research team leader in Check Point, and has been working there in several research positions for the past 4 years. He was born in Russia, but lives most of his life in Israel, where he graduated the Ben-Gurion university with a B.Sc in communication system engineering... Read More →


Wednesday December 6, 2017 11:10 - 11:40 CET
Corum
 
Thursday, December 7
 

14:00 CET

Malpedia: A Collaborative Effort to Inventorize the Malware Landscape
In this paper, we introduce Malpedia, our take on a collaborative platform for the curation of a coherent corpus of cleanly labeled, unpacked malware samples. Illustrating one of the use cases for this data set, we provide a comparative overview of structural characteristics for more than 300 families of Windows malware.

Speakers
MC

Martin Clauß

Wissenschaftlicher Mitarbeiter, Fraunhofer FKIE
avatar for Daniel Plohmann

Daniel Plohmann

Malware analyst, Fraunhofer FKIE
Daniel Plohmann works as a senior analyst for Fraunhofer FKIE, taking apart malware families and botnet instances. His PhD research at University of Bonn focuses on automation and improving the efficiency of reverse engineering as an instrument for in-depth analysis. As a Teaching... Read More →


Thursday December 7, 2017 14:00 - 15:00 CET
Corum