Overview
Syllabus
Intro
BACKGROUND - who are they?
BACKGROUND - Activity Timeline
KOREA MAJOR BANK ATTACK BY BLUENOROFF - Background
KOREA MAJOR BANK ATTACK BY BLUENOROFF - Attack Vector
KOREA MAJOR BANK ATTACK BY BLUENOROFF - Malware
VANXATM - ATM OPERATOR COMPANY BREACH
BITCOIN EXCHANGES HACKING CAMPAIGN
BITCOIN EXCHANGES HACKED - Phishing Email Attack Vector
BITCOIN EXCHANGES HACKED - Attack Timeline
INTERESTING ATTACK TARGETED BANK IN EGYPT - Background
Campaign targeted Egypt bank and SK banks - Delivery Method
Campaign targeted Egypt bank and SK banks - Interesting Decoys
Directory browsing open on C&C server
Getting new C&C server with (stolen? ransomed?) bitcoin
USING MONERO MINER
Sample Timestamp Analysis of Andariel Group (GMT+9)
BLACK HAT SOUND BYTES (CONCLUSION)
Taught by
Black Hat