N
This presentation is the property of its rightful owner.
Sponsored Links
1 / 13

WYSI WYG PowerPoint PPT Presentation


  • 105 Views
  • Uploaded on
  • Presentation posted in: General

n. WYSI WYG. Peter Stan cik Security Evangelist. What you see is not what you get. What you see is not what you get. Infection vectors. Drive-by download. Social engineering. Blackhat SEO. SPAM. Social networks. Blackhat SEO. Social networks. What do I get ( instead )?.

Download Presentation

WYSI WYG

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Wysi wyg

n

WYSI WYG

Peter Stancik

SecurityEvangelist


What you see is not what you get

What you see is not what you get


What you see is not what you get1

What you see is not what you get


Infection vectors

Infection vectors

Drive-by download

Social engineering

Blackhat SEO

SPAM

Social networks


Blackhat seo

Blackhat SEO


Social networks

Socialnetworks


What do i get instead

What do I get (instead)?

  • BankingTrojans

…with mobile components

Something “special” from the grey zone…

Scareware

…Rogue AVs, Registry Cleaners

…etc…


Banking trojans

Banking Trojans


Banking trojans1

Banking Trojans

  • Man-in-the-Browser

  • Man-in-the-Mobile

  • Scenario:

    • Steal credentials using MitB

    • Infect victim’s mobile phone – MitMo

    • Log in using stolen credentials; perform transaction

    • Mobile malware forwards authentication SMS to attacker

    • Fill in authentication code and complete transaction

  • Zeus and now SpyEye: detected as SymbOS/Spitmo

  • *pictures from http://securityblog.s21sec.com/2010/09/zeus-mitmo-man-in-mobile-ii.html


Rogue av

Rogue AV


Dns changer

DNS Changer


Ca breaches

CA Breaches


Wysi wyg

Thank you!

[email protected]

blog.eset.com


  • Login