Explore the latest advancements in malware covert communication channels in this 57-minute Black Hat conference talk. Delve into the world of steganography and its increasing use by malware operators to conceal information and evade detection. Examine real-world examples of malware families like Stegoloader, Vawtrak, and Lurk, analyzing their implementation of steganographic techniques and evaluating the strengths and weaknesses of each approach. Investigate how malware programmers leverage inconspicuous network traffic, such as DNS queries and HTTP 404 error messages, to create covert communication channels between infected computers and command and control servers. Gain insights into the challenges these techniques pose for automated detection mechanisms and human analysts. Compare the use of covert communication channels in both commodity cybercrime and targeted attack malware, drawing from documented real-life incidents. Understand the current trends and status quo in cybercriminal and targeted attack malware, equipping yourself with vital knowledge to combat these evolving threats.
Hiding In Plain Sight - Advances In Malware Covert Communication Channels
Overview
Syllabus
Hiding In Plain Sight - Advances In Malware Covert Communication Channels
Taught by
Black Hat
Related Courses
-
Security Foundations for Application-Based Covert Communication Channels
-
Nobody's Anonymous - Tracking Spam and Covert Channels
-
Exploiting Out-of-Order Execution for Covert Cross-VM Communication
-
AWS GuardDuty - Post-DNS Era Covert Channel For C&C
-
Leviathan - Command and Control Communications on Planet Earth
-
Watching Commodity Malware Get Sold to a Targeted Actor
