Attribution of attackers and motives is often difficult. Trying to understand what tactics they use, what malware they utilize, and what groups they belong to can be a tedious task. These attackers often target specific organizations, individuals, and countries, things that sandboxes and dynamic analysis techniques rarely have the ability to emulate.
In this talk, we’ll cover targeted malware incubation and present two case studies of never-released details on how attackers have fallen victim to incubation. We will finish with the release of an open source incubator, Shadowlab, giving everyone the ability to incubate malware.