SIGINT10 - final10

Conference for net dwellers, hackers and activists

Felix Leder
Tillmann Werner
Day 2 - 2010-05-23
Malware Joe Blobs

An overview of stuff that "Malware Joe" puts into his creations.

The talk is an overview of different blobs or common techniques that are often found in modern malware. Besides information about rootkidding, spreading, and the like, we present some nice "fails" found in malware.

Malware Joe is just a regular developer. But instead of developing PHP web applications, he's into creating new malware. OK, that's a little more sophisticated than PHP, but essentially there are design patterns and common practices in malware like in any other software - but they are nasty 8D Join in and let us have a look together at what Malware Joe does to hide his software, to make it spread, and to circumvent debugging and disassembly. And, while those are just side shows, let's also look into some of the "malfunctions". Malware Joe is 1337 - if not 1338 - but still makes mistakes just like the PHP developer from around the corner. And some of them are quite funny or have a significant impact.