Over the last few years, Talos has discovered various malware linked to advanced threat actor groups. In this talk we will cover malware campaigns such as CCleaner, Nyetya, Olympic Destroyer and VPNFilter. Both CCleaner and Nyetya (NotPetya) are good examples of the rise in supply chain attacks. Supply chain attacks are a very effective way to distribute malicious software into target organizations, because the attackers rely on the trust relationship between a manufacturer or supplier and a customer. The next case covers Olympic Destroyer, the destructive malware leveraged in the 2017 Winter Olympics in South Korea. And last but not least, we will discuss our most recent research on “VPNFilter”, a sophisticated modular malware system linked to an advanced, likely state-sponsored or state-affiliated actor. VPNFilter impacted networking equipment in the small and home office (SOHO) space, as well as QNAP network-attached storage (NAS) devices, and infected at least 500,000 devices in at least 54 countries.


time: 11:30
