Over the last few years, Talos has discovered various malware linked to advanced threat actor groups. In this talk we will cover malware campaigns such as CCleaner, Nyetya, Olympic Destroyer and VPNFilter. Both CCleaner and Nyetya (NotPetya) are good examples of supply chain attacks, which are on the rise. Supply chain attacks are a very effective way to distribute malicious software into target organizations, because the attackers rely on the trust relationship between a manufacturer or supplier and a customer. The next case covers Olympic Destroyer, the destructive malware leveraged in the 2017 Winter Olympics in South Korea. And last but not least, we will discuss our most recent research on “VPNFilter”, a sophisticated modular malware system linked to an advanced, likely state-sponsored or state-affiliated actor. VPNFilter impacted networking equipment in the small and home office (SOHO) space, as well as QNAP network-attached storage (NAS) devices, and infected at least 500,000 devices in at least 54 countries.

Details

time: 11:30
speakers:
