Description: The ZeuS family of banking trojans remains probably one of the most serious threats to the end user on today's Internet. In this talk we will cover some history of the evolution of the trojan, its inner workings and how it looks today. An overview of our experiences in analysing the trojan and ZeuS botnets will be given, with particular focus on ZiTMo and the latest ZeuS P2P variants. We will also show how cooperation between various stakeholders in Poland allowed for a quick and accurate assessment of a ZiTMo outbreak in early 2011, in spite of some hysterical media hype surrounding the event. Finally, a comparison will also be made with its great rival, SpyEye.
Speaker Bio:
Piotr Kijewski has worked for NASK as part of the CERT Polska team since 2002. He became head of the team in April 2010. His main interests in the computer and network security field include intrusion detection, honeypots and network forensics. Apart from heading the CERT operational activity, he also heads a group of people from various teams at NASK that is responsible for the development of novel solutions in the area of network and threat monitoring. This includes work on projects such as ARAKIS, a network early warning system that consists of over 50 sensors that include a honeypot capability across Polish networks, and the HoneySpider Network 1 & 2 projects aimed at developing a complete client honeypot solution. He has spoken at various international conferences and workshops (FIRST Annual Conference, Honeynet Project Annual Workshop, NATO Cyber Defense, ENISA events, GOVCERT.NL symposium, TF-CSIRT meetings etc.). Piotr Kijewski is the leader of the NASK team that was involved in the EU FP7 WOMBAT (Worldwide Observatory of Malicious Behaviour and Attack Threats) project. He has also taken part in other European projects such as eCSIRT.net, SPOTSPAM and ENISA studies (including the Proactive Detection of Network Security Incidents study, co-authoring the ENISA CSIRT Exercise Book, as well as membership in various working groups). Previously he worked for nearly 10 years as a network administrator at the Warsaw University of Technology and as a network security consultant for many companies in Poland. He holds an MSc degree in Telecommunications from the Warsaw University of Technology.
Tags: securitytube, honeynet, hacking, hackers, workshop, information security, convention, computer security, honeynet 12, honeynet-2012
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.