CHASING GHOSTS IN THE WIRES presented at Ruxcon 2017

by Vitaly Kamluk

Summary: The Kaspersky Lab research team has spent almost a year tracking an elusive threat actor that was responsible for one of the biggest cyber heists in history: the Bangladesh Central Bank attack, which resulted in the theft of $81 mln USD, with an initial target of over $951 mln USD. Some time after the Bangladesh incident, we discovered the attackers in a few other unusual places around the world and interrupted their attempts to steal large amounts of money.
This talk will focus on advanced custom tools and smart techniques used during the attacks. Many of those tools and techniques rendered traditional incident response and forensic analysis useless. The presentation will contain answers on how such problems should be addressed in a better way. Considering that the attackers are still out there "in the wires", the presentation will conclude with our top recommendations to all potential targets.
While the presentation will be based on a specific investigation, it contains valuable general insights into what modern top-notch cyberattacks look like.