Unveiling the Attack Chain of Russian-Speaking Cybercriminals

Delve into a comprehensive analysis of the Asprox cybercriminal group's attack chain in this 39-minute Hack.lu 2016 presentation by Wayne Huang and Sun Huang. Explore the evolution of the Asprox gang's sophisticated infection infrastructure since 2007, including their vast network of compromised assets, multi-layered distribution and command-and-control servers, and advanced malware obfuscation techniques. Gain insights into their methods for infecting endpoints, compromising websites at scale, and expansion into Android malware. Examine statistics on daily downloads, conversion rates, and monetization strategies within underground economies. Learn about the presenters' data collection and analysis methodologies, as well as tracking techniques used to study this threat actor. The talk covers topics such as spam campaigns, mass-scale getshell methodology, PHP redirector code, the Asprox TDS, Android C&C server panels, and stolen data statistics, providing a rare and in-depth look at the operations of Russian-speaking cybercriminals.