Your SlideShare is downloading. ×

Malware 2.0

853

Published on

Presentation given at BarCamp Tampa 2009 on the changes in the malicious software landscape.

Presentation given at BarCamp Tampa 2009 on the changes in the malicious software landscape.

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
853
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
55
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. MALWARE 2.0 Shane Ochotny
  • 2. TYPES OF MALWARE Worms Exploits Trojans Adware Spyware Keyloggers Viruses Dialers Rootkits Rogue
  • 3. STATISTICS TREND MICRO UNIQUE THREAT GROWTH 20,000,000 15,000,000 10,000,000 5,000,000 0 2005 2006 2007 2008
  • 4. STATISTICS TREND MICRO UNIQUE THREAT GROWTH 20,000,000 15,000,000 10,000,000 5,000,000 0 2005 2006 2007 2008
  • 5. MALWARE 1.0
  • 6. BORED KIDS 80’s - 90’s
  • 7. INFECTION VECTORS File Replication
  • 8. MALWARE 2.0
  • 9. ORGANIZED CRIME Groups Discovering and Selling Exploits Developing and Selling Malware Hosting Exploits and Malware Selling the Stolen Data Using the Stolen Data
  • 10. ORGANIZED CRIME Discovering and Selling Exploits Groups Developing and Selling Malware Hosting Exploits and Malware Selling the Stolen Data Using the Stolen Data
  • 11. ORGANIZED CRIME Discovering and Selling Exploits Developing and Selling Malware Groups Hosting Exploits and Malware Selling the Stolen Data Using the Stolen Data
  • 12. ORGANIZED CRIME Discovering and Selling Exploits Developing and Selling Malware Hosting Exploits and Malware Groups Selling the Stolen Data Using the Stolen Data
  • 13. ORGANIZED CRIME Discovering and Selling Exploits Developing and Selling Malware Hosting Exploits and Malware Selling the Stolen Data Groups Using the Stolen Data
  • 14. MONETARY GAIN
  • 15. MONEY HOW? Bank Accounts Authentication Credentials Credit Card Numbers Send Spam Emails DDoS Address Book Contacts Social Security Numbers Screenshots Recent Websites Keystrokes DNS Redirect
  • 16. INFECTION VECTORS Exploits Social Engineering
  • 17. REACHING THE USERS
  • 18. IFRAMES
  • 19. MALVERTIZEMENTS
  • 20. REDIRECTION MySpace IFrame Bad Website MySpace Malvertizement Bad Website
  • 21. REDIRECTION MySpace IFrame Bad Website MySpace Malvertizement Bad Website
  • 22. REDIRECTION MySpace IFrame Bad Website MySpace Malvertizement Bad Website
  • 23. REDIRECTION MySpace IFrame Bad Website MySpace Malvertizement Bad Website
  • 24. REDIRECTION MySpace IFrame Bad Website MySpace Malvertizement Bad Website
  • 25. REDIRECTION MySpace IFrame Bad Website MySpace Malvertizement Bad Website
  • 26. HIGH PROFILE WEBSITES
  • 27. EXPLOITS TAKE ADVANTAGE OF SOFTWARE VULNERABILITIES No User Interaction No Downloading Accidentally No User Knowledge
  • 28. SOCIAL ENGINEERING TAKES ADVANTAGE OF USER VULNERABILITIES
  • 29. SOCIAL ENGINEERING TAKES ADVANTAGE OF USER VULNERABILITIES
  • 30. SOCIAL ENGINEERING TAKES ADVANTAGE OF USER VULNERABILITIES
  • 31. SOCIAL ENGINEERING TAKES ADVANTAGE OF USER VULNERABILITIES
  • 32. MALWARE SOURCES THREATEXPERT.COM Canada United Kingdom Russia 0.67% 6.17% 22.29% United States 6.42% China 32.07% Africa 0.17% Brazil 6.92%
  • 33. WHY BARCAMP?
  • 34. SOCIAL THREATS Facebook MySpace YouTube Twitter Instant Messaging
  • 35. FACEBOOK
  • 36. MYSPACE JULY 2006
  • 37. YOUTUBE
  • 38. TWITTER
  • 39. INSTANT MESSAGING
  • 40. Network Anti-Malware Passive on the Network No Client Software
  • 41. MALWARE SOURCES THREATEXPERT.COM Canada United Kingdom Russia 0.67% 6.17% 22.29% United States 6.42% China 32.07% Africa 0.17% Brazil 6.92%
  • 42. MALWARE 2.0 Shane Ochotny

×