• Media type: E-Book; Video
  • Title: BAB0: A custom sample that bypassed cutting-edge APT attack detection tools
  • Contributor: Bencsáth, Boldizsár [Author]; Buttyán, Levente [Other]; Ács-Kurucz, Gábor [Other]; Kamarás, Roland [Other]; Molnár, Gábor [Other]; Balázs, Zoltán [Other]
  • Published: [Place of publication not identifiable]: Hacktivity, 2015
  • Published in: Hacktivity 2015 ; Vol. 28, (Jan. 2015)
  • Extent: 1 online resource (2016 MB, 00:45:56:05)
  • Language: English
  • DOI: 10.5446/18835
  • Footnote: Audiovisual material
  • Description: In this talk, we present BAB0, a custom sample that we developed for testing purposes and that bypassed 5 cutting-edge APT attack detection tools. We explain why BAB0 escaped detection both in the phase of infecting the victim and later during continuous communications with a remote C&C server. We show the tricks that we designed and implemented in BAB0 and try to make some demonstrations as well. We also elaborate on the problems of testing anti-APT products in general, and give some hints on new testing methodologies that are currently emerging within the AV test community.
  • Access State: Open Access
  • Rights information: Attribution - Non Commercial (CC BY-NC)