Description: This presentation by Micky Pun and Neo Tan (Fortinet) was delivered during VB2014 in Seattle, WA, USA.
Often identified by its ability to spread through Skype and to inject content into bank pages, Caphaw, also known as Shylock, has been a low-profile, yet persistent player on the botnet scene since 2011. This is a rare botnet that was released with complete functionality, in stark contrast to most botnet malware, which is released prematurely into the wild. The intricately designed code structure, together with various obfuscation and anti-sandbox techniques, made it difficult for analysts to build a complete profile of its malicious behaviour.
In this presentation, we will discuss the technical aspects of handling the anti-reversing strategies devised by the malware writer and evaluate how Caphaw's 'pluginer' capability could position it as a robust APT player in the future.
For more information, please visit: https://www.virusbtn.com/