BSidesSF 2016

Software developers have provided unlimited job security for the infosecindustry. Likewise, malware authors also have a history of making baddesign choices that allow defenders opportunities to use those mistakesagainst them. Between failed crypto implementations in ransomware to"license verification" of commercial malware tools, even malware softwaredevelopers suck.This talk will focus on several case studies, one being of AlienSpy/JSocket and the design decisions made by the author that can be used to great effect to disable the malware world-wide. The earlier version, AlienSpy, was knocked outworldwide forcing the developer to create an entire new version of the malware and have all his customers reinstall (potentially losing theirvictims). Others will be added for interesting current events.