By Mikko Hypponen – Chief Research Officer – F-Secure Corporation
Mikko’s talk is an overview of how a the anti-malware
1986 first PC virus found called Brain. Which was actually by todays standard a “root kit” even if we did not call virusse that at this time.
In 1991 Mikko analysed his first virus the “Omega” virus.
The first viruses actually announced themselves like the V sign virus, Josh, Walker, Yankee Doodle Yankee, Casino, etc.
Read more…
By Nicholas J. Percoco (@c7five) and Jibran Ilyas
The Spyderlabs guys had a busy year. They investigated over 200 incidents in 24 different countries and ended up collecting enough malware samples. Based upon last year’s DEFCON talk they are going to dive deeper and bring you the most interesting samples from around the world
This talk will bring you 4 new freaks and 4 new victims including: a Sports Bar in Miami, Online Adult Toy Store, US Defense Contractor, and an International VoiP Provider.
The malware being demoed are very advanced pieces of software written by very skilled developers. The complexity in their propagation, control channels, anti-forensic techniques and data exporting properties will be very interesting to anyone interested in this topic, even tough the major categories have stayed the same.
Malware comes in various categories: Keyboard logger, screen loggers and memory scrapers. Disk scrapers are not very popular because it is slow and is noticed to easily due to heavy disk activity. There are three basic ways to own a system: Physical, Easy and Uber . Physical means inserting something like a USB stick or key logger. Easy is e.g. through publicly exposed RDP and default passwords.
Malware is getting much harder to detect because they are better tested and using more stealthy techniques like root kits.
Sample SL2009-127 – Memory Rootkit Malware – Captain Brain Drain
Read more…
The talk gave insight into three actual samples of malware the authors find during their work.
Read more…
