Malware 2.0

Presentation given at BarCamp Tampa 2009 on the changes in the malicious software landscape.

Published in: Technology, Business

  1. MALWARE 2.0 (Shane Ochotny)
  2. TYPES OF MALWARE: Worms, Exploits, Trojans, Adware, Spyware, Keyloggers, Viruses, Dialers, Rootkits, Rogue
  3-4. STATISTICS: Trend Micro unique threat growth, 2005 to 2008 (chart; vertical axis 0 to 20,000,000)
  5. MALWARE 1.0
  6. BORED KIDS: 80's - 90's
  7. INFECTION VECTORS: File Replication
  8. MALWARE 2.0
  9-13. ORGANIZED CRIME (Groups): Discovering and Selling Exploits; Developing and Selling Malware; Hosting Exploits and Malware; Selling the Stolen Data; Using the Stolen Data
  14. MONETARY GAIN
  15. MONEY HOW? Bank Accounts, Authentication Credentials, Credit Card Numbers, Send Spam Emails, DDoS, Address Book Contacts, Social Security Numbers, Screenshots, Recent Websites, Keystrokes, DNS Redirect
  16. INFECTION VECTORS: Exploits, Social Engineering
  17. REACHING THE USERS
  18. IFRAMES
  19. MALVERTIZEMENTS
  20-25. REDIRECTION: MySpace → IFrame → Bad Website; MySpace → Malvertizement → Bad Website
  26. HIGH PROFILE WEBSITES
  27. EXPLOITS TAKE ADVANTAGE OF SOFTWARE VULNERABILITIES: No User Interaction, No Downloading Accidentally, No User Knowledge
  28-31. SOCIAL ENGINEERING TAKES ADVANTAGE OF USER VULNERABILITIES
  32. MALWARE SOURCES (THREATEXPERT.COM): Canada 0.67%, United Kingdom 6.17%, Russia 22.29%, United States 6.42%, China 32.07%, Africa 0.17%, Brazil 6.92%
  33. WHY BARCAMP?
  34. SOCIAL THREATS: Facebook, MySpace, YouTube, Twitter, Instant Messaging
  35. FACEBOOK
  36. MYSPACE: JULY 2006
  37. YOUTUBE
  38. TWITTER
  39. INSTANT MESSAGING
  40. Network Anti-Malware: Passive on the Network, No Client Software
