Modern Malvertising and Malware web-based exploit campaigns

No ratings

Presented at AppSecUSA 2015 by

James Pleger

The purpose of this presentation will be to introduce the audience to new techniques attackers are using to target users of web applications for exploitation. The first part of this presentation will be an introduction to the modern Malware landscape, with a breakdown of the top 5 types of malware being actively used in campaigns to target end users of web applications. Of interest, though perhaps unsurprising - the top three are not what we traditionally think of as "malware" in the sense of exploitative code or remote backdoors - but aimed at direct monetization of the user. The second part of this presentation will be a technical walkthrough a real-world modern malvertising & malware campaign, and break down each step of the attack, and each distribution & obfuscation layer. This walkthrough will be the bulk of the presentation (30 minutes), leaving time for Q & A at the end. Time permitting, we may provide more examples of modern campaigns/malware.