Your speakers today
Nick Bilogorskiy, @belogor
Director of Security Research
Shel Sharma
Product Marketing Director
Agenda
o Fake Antivirus
o Ransomware
o APTs
o Adware
o Web Exploits
o Wrap-up and Q&A
Cyphort Labs T-shirt
Threat Monitoring & Research team
o 24X7 monitoring for malware events
o Assist customers with their Forensics and Incident Response
We enhance malware detection accuracy
o False positives/negatives
o Deep-dive research
We work with the security ecosystem
o Contribute to and learn from malware KB
o Best of 3rd Party threat data
Fake Antivirus timeline
Products shown on the timeline (axis 2005 to 2014): Mac Defender, Antivirus XP 2008, WinFixer, PC Optimizer Pro
XP Antivirus 2008
Affiliate Username    Account Balance (USD)
nenastniy             $158,568.86
krab                  $105,955.76
rstwm                 $95,021.16
newforis              $93,260.64
slyers                $85,220.22
ultra                 $82,174.54
cosma2k               $78,824.88
dp322                 $75,631.26
iamthevip             $61,552.63
dp32                  $58,160.20
2015 Adware PcOptimizerPro
o PcOptimizerPro shows fake alerts of performance problems
o Fixing is only possible with the commercial version
o Prompts the user to buy an upgrade
Ransomware History
2005: PGPCoder Trojan – 1024 RSA key, collects money via EGOLD
2009: Bitcoin was invented by Satoshi Nakamoto
2012: Reveton Trojan, aka Police Trojan; collects money via Moneypak
2013: Bitcoin becomes popular, Cryptolocker appears
2014: Cryptowall, TeslaCrypt
DarkSeoul
o DarkSeoul, a hacking group with suspected links to North Korea, performed a delayed wipe on 32,000 systems at South Korean banks and media companies
o Credit claimed by Whois
Summary
o Most malware runs silently
o Some malware uses GUI for monetization
o Error windows are very common in malware output, both real and fake
o APTs display fake documents for misdirection