BSidesSF 2016 has ended
Monday, February 29 • 5:00pm - 5:25pm
Sucker-punching Malware: A Case Study in Using Bad Malware Design Against Attackers

Software developers have provided unlimited job security for the infosec industry. Likewise, malware authors also have a history of making bad design choices that allow defenders opportunities to use those mistakes against them. From failed crypto implementations in ransomware to "license verification" of commercial malware tools, even malware software developers suck.

This talk will focus on several case studies, one being of AlienSpy/JSocket and the design decisions made by the author that can be used to great effect to disable the malware worldwide. The earlier version, AlienSpy, was knocked out worldwide, forcing the developer to create an entirely new version of the malware and have all his customers reinstall (potentially losing their victims). Others will be added for interesting current events.

John Bambenek

Manager, Threat Systems, Fidelis Cybersecurity
John Bambenek is Manager of Threat Systems for Fidelis Cybersecurity. He specializes in surveillance of online threats and disruption of ongoing campaigns. He speaks at conferences around the world and runs several private intelligence groups focusing on takedowns and disruption of...

Hardik Modi

VP Threat Research, Fidelis Cybersecurity
Hardik Modi is the VP for Threat Research at Fidelis Cybersecurity where he manages the team responsible for the collection, analysis and distribution of threat intelligence to our customers worldwide. He has over 15 years of experience in the network and security industry.

Monday February 29, 2016 5:00pm - 5:25pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103