Destructive D-Trace - With Great Power Comes Great Responsibility presented at InfoSec SouthWest 2013

by Neil "nemo" Archibald

Tags: Security

Summary : "Dtrace, an instrumentation framework present on Mac OS X, Solaris and TrustedBSD, has long been a tool for system administrators and developers alike to investigate and debug their applications and platform. However, it also can be utilized by an attacker as a means of cloaking their presence on the system. This talk will discuss the implementation of a fully functional rootkit via Dtrace probes. It will also look at ways of making detection of the rootkit
Dissecting Socioware - A Study of Online Social Network Malware
Aditya K. Sood
Online Social Networks (OSNs) have revolutionized the internet and social interactions by giving birth to e-societies. Being chain networks, OSNs expose a wide attack surface for attackers to trigger infections, affecting a large set of users. This talk sheds light on the model of Socioware, a term coined to represent social malware. The model of analysis used in this talk covers different sets of malware classes and attack techniques that are used by attackers to infect OSNs.
During the analysis of Socioware, this talk unveils the use of spreaders, classes of malware that are used to inject malicious messages into communication software, and loaders, features in a bot that recursively load malicious programs and plugins onto the infected machine, and how they are used in Socioware. This talk goes over several demonstrations and real-world examples that cover how OSNs such as Facebook, etc. are hijacked and infected. Finally, the talk will conclude with effective defense tactics that OSNs can implement to reduce Socioware. We will discuss reverse engineered code snippets of different bots to back up our concepts on socioware."