Your SlideShare is downloading. ×
0
MALWARE 2.0
     Shane Ochotny
TYPES OF MALWARE
 Worms                                     Exploits

                    Trojans
                        ...
STATISTICS
                TREND MICRO UNIQUE THREAT GROWTH




20,000,000


15,000,000


10,000,000


 5,000,000


      ...
STATISTICS
                TREND MICRO UNIQUE THREAT GROWTH




20,000,000


15,000,000


10,000,000


 5,000,000


      ...
MALWARE 1.0
BORED KIDS
   80’s - 90’s
INFECTION VECTORS
      File Replication
MALWARE 2.0
ORGANIZED CRIME

Groups Discovering and Selling Exploits
         Developing and Selling Malware
         Hosting Exploits...
ORGANIZED CRIME

        Discovering and Selling Exploits
Groups Developing and Selling Malware
        Hosting Exploits a...
ORGANIZED CRIME

        Discovering and Selling Exploits
        Developing and Selling Malware
Groups Hosting Exploits a...
ORGANIZED CRIME

         Discovering and Selling Exploits
         Developing and Selling Malware
         Hosting Exploi...
ORGANIZED CRIME

        Discovering and Selling Exploits
        Developing and Selling Malware
        Hosting Exploits ...
MONETARY GAIN
MONEY HOW?
                                        Bank Accounts
      Authentication Credentials


Credit Card Numbers   ...
INFECTION VECTORS



         Exploits


    Social Engineering
REACHING THE USERS
IFRAMES
MALVERTIZEMENTS
REDIRECTION



MySpace        IFrame        Bad Website

MySpace     Malvertizement   Bad Website
REDIRECTION



MySpace        IFrame        Bad Website

MySpace     Malvertizement   Bad Website
REDIRECTION



MySpace        IFrame        Bad Website

MySpace     Malvertizement   Bad Website
REDIRECTION



MySpace        IFrame        Bad Website

MySpace     Malvertizement   Bad Website
REDIRECTION



MySpace        IFrame        Bad Website

MySpace     Malvertizement   Bad Website
REDIRECTION



MySpace        IFrame        Bad Website

MySpace     Malvertizement   Bad Website
HIGH PROFILE WEBSITES
EXPLOITS
TAKE ADVANTAGE OF SOFTWARE VULNERABILITIES




   No User Interaction
   No Downloading Accidentally
   No User K...
SOCIAL ENGINEERING
  TAKES ADVANTAGE OF USER VULNERABILITIES
SOCIAL ENGINEERING
  TAKES ADVANTAGE OF USER VULNERABILITIES
SOCIAL ENGINEERING
  TAKES ADVANTAGE OF USER VULNERABILITIES
SOCIAL ENGINEERING
  TAKES ADVANTAGE OF USER VULNERABILITIES
MALWARE SOURCES
                     THREATEXPERT.COM


Canada               United Kingdom       Russia
 0.67%           ...
WHY BARCAMP?
SOCIAL THREATS
    Facebook


    MySpace


    YouTube


    Twitter


    Instant Messaging
FACEBOOK
MYSPACE
  JULY 2006
YOUTUBE
TWITTER
INSTANT MESSAGING
Network Anti-Malware
Passive on the Network
No Client Software
MALWARE SOURCES
                     THREATEXPERT.COM


Canada               United Kingdom       Russia
 0.67%           ...
MALWARE 2.0
     Shane Ochotny
Upcoming SlideShare
Loading in...5
×

Malware 2.0

863

Published on

Presentation given at BarCamp Tampa 2009 on the changes in the malicious software landscape.

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
863
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
55
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Transcript of "Malware 2.0"

  1. 1. MALWARE 2.0 Shane Ochotny
  2. 2. TYPES OF MALWARE Worms Exploits Trojans Adware Spyware Keyloggers Viruses Dialers Rootkits Rogue
  3. 3. STATISTICS TREND MICRO UNIQUE THREAT GROWTH 20,000,000 15,000,000 10,000,000 5,000,000 0 2005 2006 2007 2008
  4. 4. STATISTICS TREND MICRO UNIQUE THREAT GROWTH 20,000,000 15,000,000 10,000,000 5,000,000 0 2005 2006 2007 2008
  5. 5. MALWARE 1.0
  6. 6. BORED KIDS 80’s - 90’s
  7. 7. INFECTION VECTORS File Replication
  8. 8. MALWARE 2.0
  9. 9. ORGANIZED CRIME Groups Discovering and Selling Exploits Developing and Selling Malware Hosting Exploits and Malware Selling the Stolen Data Using the Stolen Data
  10. 10. ORGANIZED CRIME Discovering and Selling Exploits Groups Developing and Selling Malware Hosting Exploits and Malware Selling the Stolen Data Using the Stolen Data
  11. 11. ORGANIZED CRIME Discovering and Selling Exploits Developing and Selling Malware Groups Hosting Exploits and Malware Selling the Stolen Data Using the Stolen Data
  12. 12. ORGANIZED CRIME Discovering and Selling Exploits Developing and Selling Malware Hosting Exploits and Malware Groups Selling the Stolen Data Using the Stolen Data
  13. 13. ORGANIZED CRIME Discovering and Selling Exploits Developing and Selling Malware Hosting Exploits and Malware Selling the Stolen Data Groups Using the Stolen Data
  14. 14. MONETARY GAIN
  15. 15. MONEY HOW? Bank Accounts Authentication Credentials Credit Card Numbers Send Spam Emails DDoS Address Book Contacts Social Security Numbers Screenshots Recent Websites Keystrokes DNS Redirect
  16. 16. INFECTION VECTORS Exploits Social Engineering
  17. 17. REACHING THE USERS
  18. 18. IFRAMES
  19. 19. MALVERTIZEMENTS
  20. 20. REDIRECTION MySpace IFrame Bad Website MySpace Malvertizement Bad Website
  21. 21. REDIRECTION MySpace IFrame Bad Website MySpace Malvertizement Bad Website
  22. 22. REDIRECTION MySpace IFrame Bad Website MySpace Malvertizement Bad Website
  23. 23. REDIRECTION MySpace IFrame Bad Website MySpace Malvertizement Bad Website
  24. 24. REDIRECTION MySpace IFrame Bad Website MySpace Malvertizement Bad Website
  25. 25. REDIRECTION MySpace IFrame Bad Website MySpace Malvertizement Bad Website
  26. 26. HIGH PROFILE WEBSITES
  27. 27. EXPLOITS TAKE ADVANTAGE OF SOFTWARE VULNERABILITIES No User Interaction No Downloading Accidentally No User Knowledge
  28. 28. SOCIAL ENGINEERING TAKES ADVANTAGE OF USER VULNERABILITIES
  29. 29. SOCIAL ENGINEERING TAKES ADVANTAGE OF USER VULNERABILITIES
  30. 30. SOCIAL ENGINEERING TAKES ADVANTAGE OF USER VULNERABILITIES
  31. 31. SOCIAL ENGINEERING TAKES ADVANTAGE OF USER VULNERABILITIES
  32. 32. MALWARE SOURCES THREATEXPERT.COM Canada United Kingdom Russia 0.67% 6.17% 22.29% United States 6.42% China 32.07% Africa 0.17% Brazil 6.92%
  33. 33. WHY BARCAMP?
  34. 34. SOCIAL THREATS Facebook MySpace YouTube Twitter Instant Messaging
  35. 35. FACEBOOK
  36. 36. MYSPACE JULY 2006
  37. 37. YOUTUBE
  38. 38. TWITTER
  39. 39. INSTANT MESSAGING
  40. 40. Network Anti-Malware Passive on the Network No Client Software
  41. 41. MALWARE SOURCES THREATEXPERT.COM Canada United Kingdom Russia 0.67% 6.17% 22.29% United States 6.42% China 32.07% Africa 0.17% Brazil 6.92%
  42. 42. MALWARE 2.0 Shane Ochotny
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×