Chicken of the APT: Understanding Targeted Attackers with Incubation!

DerbyCon 4.0 - Family Rootz

Presented by: Kyle Wilhoit
Date: Sunday September 28, 2014
Time: 12:00 - 12:50
Location: Track 3

Attribution of attackers and motives is often difficult. Trying to understand what tactics they use, malware they utilize, and what groups they belong to can be a tedious task. These attackers are often targeting specific organizations , individuals, and countries- things that sandboxes and dynamic analysis techniques rarely have the ability to emulate.

In this talk, we’ll cover targeted malware incubation and present two case studies of never released details on how attackers have fallen victim to incubation. We will finally finish with the release of an open source incubator- Shadowlab, giving everyone the ability to incubate malware.

Kyle Wilhoit


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats