Malware is Hard. Let’s Go Shopping!

DerbyCon V - Unity

Presented by: Richard Wartell
Date: Sunday September 27, 2015
Time: 09:30 - 09:55
Location: Track 5
Track: Stable Talks

Writing a successful, protected, targeted, malicious binary is a software development task that requires great skill. A well-written piece of targeted malware should evade anti-virus solutions, hide its network communications, protect itself against reverse engineering, and clean up any forensic evidence of its existence on the system. However, writing a mediocre piece of targeted malware that works most of the time is easy. There are many publicly available backdoors, downloaders, and keyloggers that require little to no expertise to use, and poorly trained malware authors try to roll their own all the time. Working in malware analysis and reverse engineering, I see some of the intelligent choices malware authors make, but more often I see the hilariously poor code they write. During this talk I will demonstrate how to reverse engineer real world malware. I will focus on samples with interesting and comical mistakes, as well as samples that are impressive and well written. I’ll also detail ways to write better malware and how to avoid making comical mistakes.

Richard Wartell
