Unveiling the Attack Chain of Russian-Speaking Cybercriminals

Cooper via YouTube

Overview

Delve into a comprehensive analysis of the Asprox cybercriminal group's attack chain in this 39-minute Hack.lu 2016 presentation by Wayne Huang and Sun Huang. Explore the evolution of the Asprox gang's sophisticated infection infrastructure since 2007, including their vast network of compromised assets, multi-layered distribution and command-and-control servers, and advanced malware obfuscation techniques. Gain insights into their methods for infecting endpoints, compromising websites at scale, and expansion into Android malware. Examine statistics on daily downloads, conversion rates, and monetization strategies within underground economies. Learn about the presenters' data collection and analysis methodologies, as well as tracking techniques used to study this threat actor. The talk covers topics such as spam campaigns, mass-scale getshell methodology, PHP redirector code, the Asprox TDS, Android C&C server panels, and stolen data statistics, providing a rare and in-depth look at the operations of Russian-speaking cybercriminals.

Syllabus

Intro
Asprox Campaign Overview
Attack chain analysis
Sending out spam
Spamming methods
Underground marketplace
Mass-scale getshell methodology
PHP redirector code
The Asprox TDS
Bash Nginx installation script
Decoy IP in Nginx installation script
Advertising service C2 server
Asprox Android C&C server panel
Android C2 servers
Data stolen (during 4 months)
Android bot rental service panel
Click statistics
Clicks geodistribution
Conclusion

Taught by

Cooper
