
Malware Creators Are Quite Clever, You Know...


Presentation Transcript


  1. Malware Creators Are Quite Clever, You Know...
     Brian Long, Brian Long Training & Consultancy Services
     brian@blong.com
     http://blong.com

  2. Malware
     • Malware = software that has malicious purpose or behaves maliciously:
       • Worms
       • Viruses
       • Adware
       • Spyware
       • Exploit tools
       • Backdoor servers
       • Spreaders
       • Rootkits

  3. Malware
     • Malware typically arrives through some exploit
     • Backdoors are planted
     • Stuff may get broken
     • Data may be stolen
     • Host facilities may be consumed parasitically

  4. Malware
     • Continued existence and stealth achieved through rootkits
     • Terminology dates back some way with Unix
     • Rootkits hide stuff:
       • Files
       • Directories
       • Registry keys/entries
       • Processes
       • and so on

  5. Malware
     • Rootkits are low-level, high-tech nasties
     • Some use kernel-mode code installed through a driver
     • Some achieve what they need to at user mode
     • Various approaches implemented successfully
     • Regular toolkit will not see rootkits
     • Rootkit deployment is increasing rapidly

  6. Case Study
     • Live web server
     • Locked away in a shed somewhere
     • Only access via Remote Desktop
     • Something seemed funny, hence the call
     • Dodgy IP activity, but…
     • …nothing visible

  7. Case Study
     • Turned out to be a skilled hacker’s P2P system
     • 26.5GB of music and video files being distributed around an IRC crew on the quiet
     • Rootkit installed
     • Disk space faked
     • Everything hidden
     • Customer very surprised to see it all spill out into the open

  8. Malware
     • Common implementation language is Delphi
     • If not, C++ or assembly language
     • With lots of inline assembly
     • Microsoft are getting on the case: http://research.microsoft.com/rootkit
     • Sysinternals.com are getting on the case: http://www.sysinternals.com/ntw2k/freeware/rootkitreveal.shtml
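Slides 4, 5 and 8 describe rootkits hiding processes and point at RootkitRevealer, whose approach is to compare what a high-level API reports against a lower-level view and flag the discrepancies. The following is an added example, not from the talk or from RootkitRevealer, that applies the same cross-view idea to process hiding on a Linux host: it compares the /proc directory listing (the view a readdir() hook can filter) with direct kill(pid, 0) probes of the kernel. It assumes procfs is mounted at /proc and reads pid_max from it.

```python
import os

PROC = "/proc"  # assumption: a Linux host with procfs mounted here

def listed_pids():
    """High-level view: PIDs as shown by reading the /proc directory.
    A user-mode rootkit hooking readdir() can silently drop entries here."""
    return {int(name) for name in os.listdir(PROC) if name.isdigit()}

def probed_pids(max_pid=None):
    """Low-level view: ask the kernel about every candidate PID via kill(pid, 0).
    No signal is sent; ESRCH means no such process, EPERM means it exists but is not ours."""
    if max_pid is None:
        with open(f"{PROC}/sys/kernel/pid_max") as fh:
            max_pid = int(fh.read())
    alive = set()
    for pid in range(1, max_pid + 1):
        try:
            os.kill(pid, 0)
        except ProcessLookupError:
            continue
        except PermissionError:
            pass
        alive.add(pid)
    return alive

def is_thread_group_leader(pid):
    """kill() also accepts thread IDs, which never appear in the /proc listing, so keep
    only ids whose Tgid equals the id. An unreadable status file means it just exited."""
    try:
        with open(f"{PROC}/{pid}/status") as fh:
            for line in fh:
                if line.startswith("Tgid:"):
                    return int(line.split()[1]) == pid
    except OSError:
        return False
    return False

def cross_view_diff(listed, probed):
    """Pure comparison: PIDs the kernel confirms but the listing omits."""
    return sorted(probed - listed)

def hidden_processes(max_pid=None):
    probed = probed_pids(max_pid)
    listed = listed_pids()  # taken second, so a process that exited meanwhile fails the status check
    return [p for p in cross_view_diff(listed, probed) if is_thread_group_leader(p)]

if __name__ == "__main__":
    print("PIDs hidden from the /proc listing:", hidden_processes() or "none")
```

A kernel-mode rootkit can lie to both views, so an empty result is evidence, not proof; the check is cheap enough to run from cron and alert on any non-empty output.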

  9. B.L.E.A.C.H.
     • Infected by adware? Having trouble removing spyware? Suspect you have some malware?
     • You need to clean your system with BLEACH*.
     • BLEACH* is the quick and effective way to rid yourself of unwanted and malicious software on your Windows desktop, LAN servers and Web servers.
     • Enquiries to brian@blong.com
     *Brian Long Elbows Away Computer Hackers

  10. Thank you
     Brian Long
     brian@blong.com
     http://blong.com
     p|-|34|2 |v|’/ 1337 $|<!11z
