Operation Potato Express: Analysis of a Cyberespionage Toolkit presented at Copenhagen Cybercrime Conference 2015

by Anton Cherepanov, Robert Lipovsky

Summary: The talk uncovers details about an espionage malware family used against targets in numerous countries, including Russia and Ukraine. The malware has been deployed in a number of unrelated APT campaigns since 2011. The subjects of these campaigns cover a wide range of interests, from financial fraud to military. We will describe the various spreading mechanisms used by the malware and provide technical details from the analysis of its modules.