Sucker-punching Malware: A Case Study in Using Bad Malware Design Against Attackers - John Bambenek, Hardik Modi BSides San Francisco 2016 (Hacking Illustrated Series InfoSec Tutorial Videos)

Software developers have provided unlimited job security for the infosec industry. Likewise, malware authors also have a history of making bad design choices that allow defenders opportunities to use those mistakes against them. From failed crypto implementations in ransomware to 'license verification' of commercial malware tools, even malware software developers suck.

This talk will focus on several case studies, one being of AlienSpy/JSocket and the design decisions made by the author that can be used to great effect to disable the malware worldwide. The earlier version, AlienSpy, was knocked out worldwide, forcing the developer to create an entirely new version of the malware and have all his customers reinstall (potentially losing their victims). Others will be added for interesting current events.
