Balancing The Pwn Trade Deficit – APT Secrets in Asia presented at Defcon19 2011

by Jeremy Chiu, Anthony ( darkfloyd ) Lai, Benson Wu, Pk ,

Summary : In last year, we have given a talk over China-made malware in both Blackhat and DEFCON, which is appreciated by various parties and we would like to continue this effort and discuss over APT attacks in Asia this year. However, case studies are not just our main dish this time, we will carry out technical analysis over the samples. I have worked with 2 Taiwanese researchers and would like to talk about how to automate the APT attack analysis with our analysis engine, Xecure, and give comparison between samples from various Asian countries, giving similarity and difference analysis among them, which could be insightful to the audience. Finally, we will talk about our contribution to the rule and signature to detect APT attack.