What is Lurking in the shadows... EranKalige Head of Security Operation Center Erank@versafe-login.com
Who am I? • Head of security Operation Center At Versafe • Years of research and Development. • Security expert • Security and anti Fraud consultant • Famous publications: • Eurograbber banking Trojan • HighRoller Trojan reports
Agenda • Dark side of the net • Cyber Crime • Phishing attacks – who where and what it looks like. • Trojan attacks - How are they distributed? • Banking Trojans - who are they ? What do they do ? How they do it? • Automatic transfers & fake balances - Inside look inside The hackers dropzones • Summary
Facts and Details Any victims here?
Phishing – Protection • Users • Avoid clicking on links – go directly to the website. • Verify the HTTPS connection (SSL) • Look for fishy details • Corporate • Implement an Anti-phishing solution • Update your Systems – Firewall , anti-spam , Anti-virus etc. • Look for fishy details
Trojans – past players NetBus or Netbus is a software program for remotely controlling a Microsoft Windows computer system over a network. It was created in 1998 and has been very controversial for its potential of being used as a backdoor. NetBus was written in Delphi by Carl-Fredrik Neikter, a Swedish programmer in March 1998. The author claimed that the program was meant to be used for pranks, not for illegally breaking into computer systems. Translated from Swedish, the name means "NetPrank". .
Trojans today • Host control – VertexNet, Andromeda , Pony , Umbra and more. • Banking Trojans – Zeus , Citadel , Goziand more • Bitcoin mining Trojans • Espionage and country related – Stuxnet , Magdi and more. • Mobile Trojans – Perkele, OmegaSPY , Zitmo/Eurograbber.
Trojans today – Script injections Trojan Code Injection
Trojans today -Citadel file:///C:/Users/Eran/Desktop/lecture/vids/videos_voscomptesenligne_labanquepostale_fr_13_05_23__07-16_.webm
Trojans today - distribution • Web sites infected with exploits. • P2P share – Emule, Torrent, ... • Worms in social networks, chat rooms, forums, … • Emails
"“I'm scared.. What to do??? • Users • Avoid clicking on links from people you don’t know. • Install an antivirus software and make sure to – UPDATE! • Scan USBs and other resources you connect to the computer. • Don’t fall for “ watch this video!”
Final words... baby it's a wild world, it's hard to get by just upon a smile...
Questions... Eran Kalige Head of security operation center Versafe