Cybercrime & business. How to win this war?
Cybercrime & Business
How do we fight this war?
Pirkka Palomäki
Chief Technology Officer, F-Secure Corporation
facebook, myspace, twitter, linkedin?
Floppy, LAN, Email, Web
Operating system, Browsers, Java, Adobe Flash, Adobe PDF reader, Quicktime
Acrobat
Flash
Case Darkmarket
Featuring Mr. Cagatay Evyapan aka "Cha0"
Featuring Mr. Adewale Taiwo
Case Mebroot
Case Mebroot – short introduction
The first complex MBR rootkit with malicious payload
Kernel-mode downloader and backdoor
Downloads PWS and banking Trojan components
Strengths of Mebroot:
No executable files on file system
No registry keys or standard launch points
No driver module in module list
Minimal memory footprint
Early execution during system startup
Stealth read/write disk operations
Stealth Anti-Removal protection
Totally generic, open malware platform (MAOS)
How do we work?
F-Secure Dashboard
Myth To Forget
Obsolete for Hundreds of Thousands of samples every day
Malware Samples / Acquisition
Automatic Analysis
Detection Engine
Technology
Malware Researchers & Analysts
Real-time delivery
Security Research Flow; The Critical Chain
SMA Decisions – daily
thank you