Living a Carb[anak] Free Lifestyle

Brrcon 2017

Presented by: Ryan Borre, Michael J. Schwartz
Date: Tuesday June 23, 2015
Time: 11:00 - 11:50
Location: Frostbyte

The Carbanak group has been one of the most prolific cybercrime actors in the past year. There’s a high-likelihood that the spate of POS intrusions at restaurants and hospitality-associated establishments is attributed to Carbanak. In this talk, we will walk through some of the key features of Carbanak maldocs and learn about some behavioral approaches to identifying and detecting Carbanak based on a signature. A historical guide to Carbanak will be used to set the stage for a more in-depth discussion around current TTPs and what you can do to keep this actor out of your environment.

Michael J. Schwartz

Swiss-Cyber Knife Extraordinaire – Michael J. Schwartz is a well-seasoned security practitioner with Intelligence experience rooted in both government and public sector. Michael holds Masters degrees in Computer Science and Defense and Strategic Studies as well as a Bachelors in Political Science.

Ryan Borre

Ryan Borre is a malware reverse engineer responsible for “quick and dirty” analysis. He performs rapid analysis for the Target Cyber Security Incident Response team. He has a Bachelor’s degree in Information Technology and an Associate’s degree in Computer Science. He takes a minimalist approach to reverse engineering, using predominately open-source tools and the path of least resistance. Ryan’s motto is, “Let the malware do the work”. When he is not investigating malware, Ryan enjoys spending time with his family, dirt biking, and extreme camping.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats