Overview
Dive into an in-depth analysis of the JAKU Botnet in this 32-minute conference talk by Andrew Settle from Forcepoint. Explore the collaborative efforts of the Special Investigation Team and their use of big data techniques to uncover crucial insights. Learn about the SQLite database structure, command analysis, and the intricacies of victim targeting. Examine the botnet's geographical spread, dwell times, and unusual characteristics such as large PNG files and UDT communication. Gain valuable knowledge about the botnet's command and control infrastructure, and review its source code. Conclude with a summary of key findings and participate in a Q&A session to deepen your understanding of this sophisticated cyber threat.
Syllabus
Intro
Forcepoint
Special Investigation Team
Collaboration
Big Data
Looking at Other People's Data
SQLite Database
Database Documentation
Commands
The complicated bit
Location
Victims
Aggregation
Targeting
Dwell Time
Strange Things
Large PNG
UDT
Command and Control
Source Code
Summary
Questions
Taught by
The Cyber Academy