Surfing with Sharks presented at Shakacon 2012

by James Ochmann, Dwayne Yuen, Jason Tsang,

Summary : Drive-by-malware sites are the most prevalent attack vector for spreading viruses on the Internet today. Cybercrime has grown in size and sophistication in the past few years, with larger and more resilient botnets leading to record levels of spam, credit card theft, and banking fraud. Today we’ll provide an inside look into the modern malware industry: how online criminals leverage vulnerable web applications, ads, and search engine poisoning to funnel traffic to drive-by-malware sites; the commercialization of exploit kits and bot packs and their role compromising everyday users; and just how easy it is to purchase and setup your own botnet. Highlighting the talk will be live demonstrations of one of the most popular exploit kits still in use today, the notorious BlackHole exploit pack responsible for more than 95% of all malicious URL infections in 2011.