Explore the intricacies of the BE2/Sandworm campaigns in this 20-minute talk presented by Kurt Baumgartner and Maria Garnaeva at Kaspersky Lab's Security Analyst Summit #TheSAS2015. Delve into various aspects of the campaign, including plugins, user mode operations, file records, and backup channels. Examine the role of Google accounts and PNG files in the attack strategy. Analyze the config file and uncover the mysterious plugin that caught researchers' attention. Learn about the research paper and proof of concept behind the campaign. Investigate the reasons for its implementation and the unusual domains associated with it. Gain valuable insights into this sophisticated cyber threat and its inner workings.
Overview
Syllabus
Introduction
Plugins
Destroy plugin
User mode
File records
Backup channel
Google account
PNG file
Config file
Mysterious plugin
Research paper
Proof of concept
Why
Failed implementation
Unusual domains
Taught by
Kaspersky