SlideShare a Scribd company logo

Insights into the Cybercrime Ecosystem

Albert Hui
Albert Hui
TechnologyEntertainment & Humor
1 of 35
INSIGHTS INTO THE CYBERCRIME ECOSYSTEM Albert Hui GREM, GCIA, GCIH, GCFA, CISA
WHO AM I?  Member of: • Digital Phishnet • Association of Certified Fraud Examiners • SANS Advisory Board  Former incident analyst / researcher at top-tier retail, commercial, and investment banks.  Former government security auditor.  Now a security ronin.
JURISDICTION ARBITRAGE Cybercrime is borderless; cyber law enforcement is not.
TEN YEARS AGO Copyright © 2010 Albert Hui (CC) BY-NC-SA 4
TODAY Copyright © 2010 Albert Hui (CC) BY-NC-SA 5
TODAY Copyright © 2010 Albert Hui (CC) BY-NC-SA 6 Photofromhttp://krebsonsecurity.com
TODAY Copyright © 2010 Albert Hui (CC) BY-NC-SA 7 “In Spain, it is not a crime to own and operate a botnet or distribute malware,” Capt. Lorenzana told Krebsonsecurity in March. “So even if we manage to prove they are using a botnet, we will need to prove they also were stealing identities and other things, and that is where our lines of investigation are focusing right now.”
BUSINESS FUNCTION SPECIALIZATION Scale up the business.
CYBERCRIME ECOSYSTEM Copyright © 2010 Albert Hui (CC) BY-NC-SA 9 Security Researchers Malware Writers publish / sell exploits Script Kiddies sell malwares / exploit kits Packer / Crypter Developer Sell packers / crypters sell / publish / make known of vulnerabilities / techniques Hackers pay per install P2P File Downloaders / Web Surfers (Victims) spread malwares Crack Programmer Software Pirates supply software steal accounts (e.g. QQ, game, credit card numbers, e-banking logins) sell accounts / zombies Accounts / Zombies Resellers Spammers, Virtual Asset Resellers, Personal Info Resellers Fraudsters sell accounts sell credit card numbers / e-banking logins Money Launderers Money Mules Bulletproof Hosting buy hosting services Botnet Operators Sell zombies sell botnet Traffic Resellers
WHY SPECIALIZE?  Scale up  Legitimize most business activities Copyright © 2010 Albert Hui (CC) BY-NC-SA 10
PAY-PER-INSTALL Copyright © 2010 Albert Hui (CC) BY-NC-SA 11
INSTALL SERVICE Copyright © 2010 Albert Hui (CC) BY-NC-SA 12
EXPLOIT KIT Copyright © 2010 Albert Hui (CC) BY-NC-SA 13
CRYPTER Copyright © 2010 Albert Hui (CC) BY-NC-SA 14
DOWNLOADER Copyright © 2010 Albert Hui (CC) BY-NC-SA 15
SEO Copyright © 2010 Albert Hui (CC) BY-NC-SA 16
DOORWAY PAGE Copyright © 2010 Albert Hui (CC) BY-NC-SA 17
CASH IN Realizing financial gains
SPAMMING  Spamming ads  Spamming scam emails  Spamming phishing emails  Spam-assisted pump and dump Copyright © 2010 Albert Hui (CC) BY-NC-SA 19
BOTNET  Leasing out botnets (leave dirty jobs to the buyers)  Why people pay for botnets? • Orchestrate click frauds • Cyber extortion rackets using DDoS • Distribute more sinister malwares (e.g. Zeus, Torpig, Silent Banker) Copyright © 2010 Albert Hui (CC) BY-NC-SA 20
CAPITALIZING ACCOUNTS  Selling in-game items  Selling game accounts  Selling personal information (for telemarketing / defrauding) Copyright © 2010 Albert Hui (CC) BY-NC-SA 21
VIRTUAL CURRENCIES  WoW gold, Linden Dollar, Q幣, etc. Copyright © 2010 Albert Hui (CC) BY-NC-SA 22
MONEY LAUNDERING
WASH THY MONEY CLEAN Copyright © 2010 Albert Hui (CC) BY-NC-SA 24
STORED-VALUE CARDS  Prepaid credit cards  Merchant gift cards Copyright © 2010 Albert Hui (CC) BY-NC-SA 25
SAFE HAVENS  Online gambling sites  Offshore financial services Copyright © 2010 Albert Hui (CC) BY-NC-SA 26
ONLINE AUCTIONS  Money laundering via product purchase (洗寶) Copyright © 2010 Albert Hui (CC) BY-NC-SA 27
SMURFING Copyright © 2010 Albert Hui (CC) BY-NC-SA 28 $ $ $ $ $ $ $ $ $ $ $ $ $ $ $$
MONEY MULE Copyright © 2010 Albert Hui (CC) BY-NC-SA 29
BUSINESS ETHICS OF THE UNDERWORLD
SHAVING  Many PPIs are accused of shaving Copyright © 2010 Albert Hui (CC) BY-NC-SA 31
PHISHING Copyright © 2010 Albert Hui (CC) BY-NC-SA 32
LOOK BEHIND YOUR BACK Copyright © 2010 Albert Hui (CC) BY-NC-SA 33
LOOK BEHIND YOUR BACK Copyright © 2010 Albert Hui (CC) BY-NC-SA 34
THANK YOU! albert.hui@gmail.com Copyright © 2010 Albert Hui (CC) BY-NC-SA 35

Recommended

Become a bitcoin millionaire in the next 48hours
Become a bitcoin millionaire in the next 48hoursBecome a bitcoin millionaire in the next 48hours
Become a bitcoin millionaire in the next 48hoursAmy Borerwe
 
Hacking
HackingHacking
HackingAravindhanScientist
 
What is sim swipe fraud
What is sim swipe fraudWhat is sim swipe fraud
What is sim swipe fraudCyberSangam
 
Présentation sur la privacy en 2015 à l'ADETEM
Présentation sur la privacy en 2015 à l'ADETEMPrésentation sur la privacy en 2015 à l'ADETEM
Présentation sur la privacy en 2015 à l'ADETEMJean-Baptiste Soufron
 
How to Save Yourself From SIM Swap Fraud | RBL Bank
How to Save Yourself From SIM Swap Fraud | RBL BankHow to Save Yourself From SIM Swap Fraud | RBL Bank
How to Save Yourself From SIM Swap Fraud | RBL Bankrajeevshukhla
 
Mr SIM Swap Gone Phishing
Mr SIM Swap Gone PhishingMr SIM Swap Gone Phishing
Mr SIM Swap Gone PhishingJacqueline Fick
 
Buenos Aies - LaBitConf 2013
Buenos Aies - LaBitConf 2013Buenos Aies - LaBitConf 2013
Buenos Aies - LaBitConf 2013Juan Llanos
 
Making sense of cryptocurrencies
Making sense of cryptocurrenciesMaking sense of cryptocurrencies
Making sense of cryptocurrenciesshanmu m
 

Recommended

Become a bitcoin millionaire in the next 48hours
Become a bitcoin millionaire in the next 48hoursBecome a bitcoin millionaire in the next 48hours
Become a bitcoin millionaire in the next 48hoursAmy Borerwe
 
Hacking
HackingHacking
HackingAravindhanScientist
 
What is sim swipe fraud
What is sim swipe fraudWhat is sim swipe fraud
What is sim swipe fraudCyberSangam
 
Présentation sur la privacy en 2015 à l'ADETEM
Présentation sur la privacy en 2015 à l'ADETEMPrésentation sur la privacy en 2015 à l'ADETEM
Présentation sur la privacy en 2015 à l'ADETEMJean-Baptiste Soufron
 
How to Save Yourself From SIM Swap Fraud | RBL Bank
How to Save Yourself From SIM Swap Fraud | RBL BankHow to Save Yourself From SIM Swap Fraud | RBL Bank
How to Save Yourself From SIM Swap Fraud | RBL Bankrajeevshukhla
 
Mr SIM Swap Gone Phishing
Mr SIM Swap Gone PhishingMr SIM Swap Gone Phishing
Mr SIM Swap Gone PhishingJacqueline Fick
 
Buenos Aies - LaBitConf 2013
Buenos Aies - LaBitConf 2013Buenos Aies - LaBitConf 2013
Buenos Aies - LaBitConf 2013Juan Llanos
 
Making sense of cryptocurrencies
Making sense of cryptocurrenciesMaking sense of cryptocurrencies
Making sense of cryptocurrenciesshanmu m
 
Practical Defences Against A New Type of Professional Bank Fraudsters
Practical Defences Against A New Type of Professional Bank FraudstersPractical Defences Against A New Type of Professional Bank Fraudsters
Practical Defences Against A New Type of Professional Bank FraudstersAlbert Hui
 
Unearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet FraudUnearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet FraudInternet Law Center
 
IRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing SitesIRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing SitesIRJET Journal
 
Cyber crime law libreoffice
Cyber crime law libreofficeCyber crime law libreoffice
Cyber crime law libreofficesolomon24
 
How bots impact major onsales [Webinar]
How bots impact major onsales [Webinar]How bots impact major onsales [Webinar]
How bots impact major onsales [Webinar]Queue-it
 
cryptocurrency investing bible : a way to be a millionaire
cryptocurrency investing bible : a way to be a millionairecryptocurrency investing bible : a way to be a millionaire
cryptocurrency investing bible : a way to be a millionairessuserc1e3ce
 
The disadvantage of ict.pptx
The disadvantage of ict.pptxThe disadvantage of ict.pptx
The disadvantage of ict.pptxangellaclarianes1
 
cybercrime survival guide
cybercrime survival guidecybercrime survival guide
cybercrime survival guideGary Gray, MCSE
 
Cscu module 10 social engineering and identity theft
Cscu module 10 social engineering and identity theftCscu module 10 social engineering and identity theft
Cscu module 10 social engineering and identity theftAlireza Ghahrood
 
Cybercrime
CybercrimeCybercrime
Cybercrimedhru shah
 
Cyber Insecurity --The battle to protect data rages on as hackers find new wa...
Cyber Insecurity --The battle to protect data rages on as hackers find new wa...Cyber Insecurity --The battle to protect data rages on as hackers find new wa...
Cyber Insecurity --The battle to protect data rages on as hackers find new wa...InnovatioNews
 
Identity Theft business
Identity Theft businessIdentity Theft business
Identity Theft businessMatt Smith
 
Digital ad fraud superheroes the good guys by augustine fou
Digital ad fraud superheroes the good guys by augustine fouDigital ad fraud superheroes the good guys by augustine fou
Digital ad fraud superheroes the good guys by augustine fouDr. Augustine Fou - Independent Ad Fraud Researcher
 
Hacking back in self defense
Hacking back in self defenseHacking back in self defense
Hacking back in self defenseDavid Willson, Attorney, CISSP, Security +
 
Top 5 Cryptocurrency Scam Risk Factors
Top 5 Cryptocurrency Scam Risk FactorsTop 5 Cryptocurrency Scam Risk Factors
Top 5 Cryptocurrency Scam Risk FactorsMaxim Kozlovsky
 
Cybersecurity 2020 the biggest threats to watch out for
Cybersecurity 2020 the biggest threats to watch out forCybersecurity 2020 the biggest threats to watch out for
Cybersecurity 2020 the biggest threats to watch out forCigniti Technologies Ltd
 
cyber crime technology
cyber crime technologycyber crime technology
cyber crime technologyBinu p jayan
 
Beware of Scam Artists - Recognize Them Before They Get You!
Beware of Scam Artists - Recognize Them Before They Get You!Beware of Scam Artists - Recognize Them Before They Get You!
Beware of Scam Artists - Recognize Them Before They Get You!Narayan Makaram
 
StubHub's Field Guide To Preventing Competitor Price Scraping, Unwanted Trans...
StubHub's Field Guide To Preventing Competitor Price Scraping, Unwanted Trans...StubHub's Field Guide To Preventing Competitor Price Scraping, Unwanted Trans...
StubHub's Field Guide To Preventing Competitor Price Scraping, Unwanted Trans...G3 Communications
 
How To Protect Your Website From Bot Attacks
How To Protect Your Website From Bot AttacksHow To Protect Your Website From Bot Attacks
How To Protect Your Website From Bot AttacksLondon School of Cyber Security
 
Information Security from Risk Management and Design
Information Security from Risk Management and DesignInformation Security from Risk Management and Design
Information Security from Risk Management and DesignAlbert Hui
 
The Practice of Cyber Crime Investigations
The Practice of Cyber Crime InvestigationsThe Practice of Cyber Crime Investigations
The Practice of Cyber Crime InvestigationsAlbert Hui
 

More Related Content

Similar to Insights into the Cybercrime Ecosystem

Practical Defences Against A New Type of Professional Bank Fraudsters
Practical Defences Against A New Type of Professional Bank FraudstersPractical Defences Against A New Type of Professional Bank Fraudsters
Practical Defences Against A New Type of Professional Bank FraudstersAlbert Hui
 
Unearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet FraudUnearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet FraudInternet Law Center
 
IRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing SitesIRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing SitesIRJET Journal
 
Cyber crime law libreoffice
Cyber crime law libreofficeCyber crime law libreoffice
Cyber crime law libreofficesolomon24
 
How bots impact major onsales [Webinar]
How bots impact major onsales [Webinar]How bots impact major onsales [Webinar]
How bots impact major onsales [Webinar]Queue-it
 
cryptocurrency investing bible : a way to be a millionaire
cryptocurrency investing bible : a way to be a millionairecryptocurrency investing bible : a way to be a millionaire
cryptocurrency investing bible : a way to be a millionairessuserc1e3ce
 
The disadvantage of ict.pptx
The disadvantage of ict.pptxThe disadvantage of ict.pptx
The disadvantage of ict.pptxangellaclarianes1
 
cybercrime survival guide
cybercrime survival guidecybercrime survival guide
cybercrime survival guideGary Gray, MCSE
 
Cscu module 10 social engineering and identity theft
Cscu module 10 social engineering and identity theftCscu module 10 social engineering and identity theft
Cscu module 10 social engineering and identity theftAlireza Ghahrood
 
Cyber Insecurity --The battle to protect data rages on as hackers find new wa...
Cyber Insecurity --The battle to protect data rages on as hackers find new wa...Cyber Insecurity --The battle to protect data rages on as hackers find new wa...
Cyber Insecurity --The battle to protect data rages on as hackers find new wa...InnovatioNews
 
Identity Theft business
Identity Theft businessIdentity Theft business
Identity Theft businessMatt Smith
 
Top 5 Cryptocurrency Scam Risk Factors
Top 5 Cryptocurrency Scam Risk FactorsTop 5 Cryptocurrency Scam Risk Factors
Top 5 Cryptocurrency Scam Risk FactorsMaxim Kozlovsky
 
Cybersecurity 2020 the biggest threats to watch out for
Cybersecurity 2020 the biggest threats to watch out forCybersecurity 2020 the biggest threats to watch out for
Cybersecurity 2020 the biggest threats to watch out forCigniti Technologies Ltd
 
cyber crime technology
cyber crime technologycyber crime technology
cyber crime technologyBinu p jayan
 
Beware of Scam Artists - Recognize Them Before They Get You!
Beware of Scam Artists - Recognize Them Before They Get You!Beware of Scam Artists - Recognize Them Before They Get You!
Beware of Scam Artists - Recognize Them Before They Get You!Narayan Makaram
 
StubHub's Field Guide To Preventing Competitor Price Scraping, Unwanted Trans...
StubHub's Field Guide To Preventing Competitor Price Scraping, Unwanted Trans...StubHub's Field Guide To Preventing Competitor Price Scraping, Unwanted Trans...
StubHub's Field Guide To Preventing Competitor Price Scraping, Unwanted Trans...G3 Communications
 

Similar to Insights into the Cybercrime Ecosystem (20)

Practical Defences Against A New Type of Professional Bank Fraudsters
Practical Defences Against A New Type of Professional Bank FraudstersPractical Defences Against A New Type of Professional Bank Fraudsters
Practical Defences Against A New Type of Professional Bank Fraudsters
 
Unearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet FraudUnearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet Fraud
 
IRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing SitesIRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing Sites
 
Cyber crime law libreoffice
Cyber crime law libreofficeCyber crime law libreoffice
Cyber crime law libreoffice
 
How bots impact major onsales [Webinar]
How bots impact major onsales [Webinar]How bots impact major onsales [Webinar]
How bots impact major onsales [Webinar]
 
cryptocurrency investing bible : a way to be a millionaire
cryptocurrency investing bible : a way to be a millionairecryptocurrency investing bible : a way to be a millionaire
cryptocurrency investing bible : a way to be a millionaire
 
The disadvantage of ict.pptx
The disadvantage of ict.pptxThe disadvantage of ict.pptx
The disadvantage of ict.pptx
 
cybercrime survival guide
cybercrime survival guidecybercrime survival guide
cybercrime survival guide
 
Cscu module 10 social engineering and identity theft
Cscu module 10 social engineering and identity theftCscu module 10 social engineering and identity theft
Cscu module 10 social engineering and identity theft
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
Cyber Insecurity --The battle to protect data rages on as hackers find new wa...
Cyber Insecurity --The battle to protect data rages on as hackers find new wa...Cyber Insecurity --The battle to protect data rages on as hackers find new wa...
Cyber Insecurity --The battle to protect data rages on as hackers find new wa...
 
Identity Theft business
Identity Theft businessIdentity Theft business
Identity Theft business
 
Digital ad fraud superheroes the good guys by augustine fou
Digital ad fraud superheroes the good guys by augustine fouDigital ad fraud superheroes the good guys by augustine fou
Digital ad fraud superheroes the good guys by augustine fou
 
Hacking back in self defense
Hacking back in self defenseHacking back in self defense
Hacking back in self defense
 
Top 5 Cryptocurrency Scam Risk Factors
Top 5 Cryptocurrency Scam Risk FactorsTop 5 Cryptocurrency Scam Risk Factors
Top 5 Cryptocurrency Scam Risk Factors
 
Cybersecurity 2020 the biggest threats to watch out for
Cybersecurity 2020 the biggest threats to watch out forCybersecurity 2020 the biggest threats to watch out for
Cybersecurity 2020 the biggest threats to watch out for
 
cyber crime technology
cyber crime technologycyber crime technology
cyber crime technology
 
Beware of Scam Artists - Recognize Them Before They Get You!
Beware of Scam Artists - Recognize Them Before They Get You!Beware of Scam Artists - Recognize Them Before They Get You!
Beware of Scam Artists - Recognize Them Before They Get You!
 
StubHub's Field Guide To Preventing Competitor Price Scraping, Unwanted Trans...
StubHub's Field Guide To Preventing Competitor Price Scraping, Unwanted Trans...StubHub's Field Guide To Preventing Competitor Price Scraping, Unwanted Trans...
StubHub's Field Guide To Preventing Competitor Price Scraping, Unwanted Trans...
 
How To Protect Your Website From Bot Attacks
How To Protect Your Website From Bot AttacksHow To Protect Your Website From Bot Attacks
How To Protect Your Website From Bot Attacks
 

More from Albert Hui

Information Security from Risk Management and Design
Information Security from Risk Management and DesignInformation Security from Risk Management and Design
Information Security from Risk Management and DesignAlbert Hui
 
The Practice of Cyber Crime Investigations
The Practice of Cyber Crime InvestigationsThe Practice of Cyber Crime Investigations
The Practice of Cyber Crime InvestigationsAlbert Hui
 
Cyber Threat Intelligence: What do we Want? The Incident Response and Technol...
Cyber Threat Intelligence: What do we Want? The Incident Response and Technol...Cyber Threat Intelligence: What do we Want? The Incident Response and Technol...
Cyber Threat Intelligence: What do we Want? The Incident Response and Technol...Albert Hui
 
New Frontiers in Cyber Forensics
New Frontiers in Cyber ForensicsNew Frontiers in Cyber Forensics
New Frontiers in Cyber ForensicsAlbert Hui
 
Laying the Corporate Groundwork for Effective Incident Investigation
Laying the Corporate Groundwork for Effective Incident InvestigationLaying the Corporate Groundwork for Effective Incident Investigation
Laying the Corporate Groundwork for Effective Incident InvestigationAlbert Hui
 
Cyber Fraud - The New Frontiers
Cyber Fraud - The New FrontiersCyber Fraud - The New Frontiers
Cyber Fraud - The New FrontiersAlbert Hui
 
Detecting Threats - How to Think Like an Attacker
Detecting Threats - How to Think Like an AttackerDetecting Threats - How to Think Like an Attacker
Detecting Threats - How to Think Like an AttackerAlbert Hui
 
(Mis)trust in the cyber era
(Mis)trust in the cyber era(Mis)trust in the cyber era
(Mis)trust in the cyber eraAlbert Hui
 
Universal DDoS Mitigation Bypass
Universal DDoS Mitigation BypassUniversal DDoS Mitigation Bypass
Universal DDoS Mitigation BypassAlbert Hui
 
Cyber Security: Challenges and Solutions for the Corporate
Cyber Security: Challenges and Solutions for the CorporateCyber Security: Challenges and Solutions for the Corporate
Cyber Security: Challenges and Solutions for the CorporateAlbert Hui
 
The Aftermath: You Have Been Attacked! So what's next?
The Aftermath: You Have Been Attacked! So what's next?The Aftermath: You Have Been Attacked! So what's next?
The Aftermath: You Have Been Attacked! So what's next?Albert Hui
 
Incident Response Triage
Incident Response TriageIncident Response Triage
Incident Response TriageAlbert Hui
 
Basic Malware Analysis
Basic Malware AnalysisBasic Malware Analysis
Basic Malware AnalysisAlbert Hui
 

More from Albert Hui (13)

Information Security from Risk Management and Design
Information Security from Risk Management and DesignInformation Security from Risk Management and Design
Information Security from Risk Management and Design
 
The Practice of Cyber Crime Investigations
The Practice of Cyber Crime InvestigationsThe Practice of Cyber Crime Investigations
The Practice of Cyber Crime Investigations
 
Cyber Threat Intelligence: What do we Want? The Incident Response and Technol...
Cyber Threat Intelligence: What do we Want? The Incident Response and Technol...Cyber Threat Intelligence: What do we Want? The Incident Response and Technol...
Cyber Threat Intelligence: What do we Want? The Incident Response and Technol...
 
New Frontiers in Cyber Forensics
New Frontiers in Cyber ForensicsNew Frontiers in Cyber Forensics
New Frontiers in Cyber Forensics
 
Laying the Corporate Groundwork for Effective Incident Investigation
Laying the Corporate Groundwork for Effective Incident InvestigationLaying the Corporate Groundwork for Effective Incident Investigation
Laying the Corporate Groundwork for Effective Incident Investigation
 
Cyber Fraud - The New Frontiers
Cyber Fraud - The New FrontiersCyber Fraud - The New Frontiers
Cyber Fraud - The New Frontiers
 
Detecting Threats - How to Think Like an Attacker
Detecting Threats - How to Think Like an AttackerDetecting Threats - How to Think Like an Attacker
Detecting Threats - How to Think Like an Attacker
 
(Mis)trust in the cyber era
(Mis)trust in the cyber era(Mis)trust in the cyber era
(Mis)trust in the cyber era
 
Universal DDoS Mitigation Bypass
Universal DDoS Mitigation BypassUniversal DDoS Mitigation Bypass
Universal DDoS Mitigation Bypass
 
Cyber Security: Challenges and Solutions for the Corporate
Cyber Security: Challenges and Solutions for the CorporateCyber Security: Challenges and Solutions for the Corporate
Cyber Security: Challenges and Solutions for the Corporate
 
The Aftermath: You Have Been Attacked! So what's next?
The Aftermath: You Have Been Attacked! So what's next?The Aftermath: You Have Been Attacked! So what's next?
The Aftermath: You Have Been Attacked! So what's next?
 
Incident Response Triage
Incident Response TriageIncident Response Triage
Incident Response Triage
 
Basic Malware Analysis
Basic Malware AnalysisBasic Malware Analysis
Basic Malware Analysis
 

Recently uploaded

From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 

Recently uploaded (20)

From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 

Insights into the Cybercrime Ecosystem

Editor's Notes

  1. “We didn’t just get the command and control servers; with Mariposa we got the guys behind it. The problem is that we can take down the botnet but the criminals are still out there and can start a new botnet – that happens most of the times.” said Luis Corrons, technical director at PandaLabs.
  2. Only the hackers who perform break-ins and thefts, and the financial operators are clearly criminal.
  3. Drive-by downloads
  4. Investopedia Dictionary defines money laundering as “the process of creating the appearance that large amounts of money obtained from serious crimes, such as drug trafficking or terrorist activity, originated from a legitimate source.” According to the International Monetary Fund (IMF), money laundering transactions are almost beyond imagination – 2 percent to 5 percent of global Gross Domestic Product. Necessary element of any criminal activity undertaken for profit. placement -> layering -> integration
  5. Smurfing, a subset of structuring, the practice of executing financial transactions in a specific pattern calculated to avoid the creation of certain records and reports required by law (Bank Secrecy Act (BSA)).
  6. Nigeria scam? Sometimes you actually do receive the money.