akamai.com
Blackshades RAT
Highlights from a State of the Internet Threat Advisory
= what is blackshades?
•  Blackshades RAT is a Remote Access Tool – an exceptionally powerful cybercrime threat
•  RATs (also known as Remote Administration Trojans) are surveillance tools that can extract sensitive information
•  Blackshades has already been used for blackmail and extortion against famous personalities
•  Blackshades has an enormous variety of features – making it extremely popular for cybercrime
2 / [state of the internet] / threat advisory
= about blackshades
•  Blackshades surfaced on the Internet in 2010
•  One of the most popular RATs in the criminal underground
•  The creators were recently arrested by the FBI, along with 90 other people involved in its distribution
•  Several attacks, including the blackmail and extortion of Miss Teen USA and use by government entities, received media attention
= stealth techniques
•  Blackshades is extremely hard to detect, and requires expertise to remove.
⁄  File cloning allows the Blackshades payload to appear identical to a legitimate file
⁄  Can detect the presence of a debugger
⁄  Contains anti-kill feature that can shut down or even crash the computer if the user attempts to terminate the payload process
⁄  FUD (Fully Undetectable) crypters allow the payload to bypass antivirus programs
= what can blackshades do?
•  Surveillance
⁄  Keylogging monitors for passwords and credentials
⁄  Webcam access allows for real-world monitoring of victim
⁄  Screen view (similar to commercial products such as TeamViewer)
⁄  Live Logger provides additional context data
= what can blackshades do?
•  Remote Administration Capabilities
⁄  Blackshades provides malicious actors with all the same information as if they had access to the physical machine
⁄  Provides operating system administration utilities such as registry access and process enumeration
⁄  Attacker can remotely download and run executables on infected machine – including additional malware or DDoS toolkits
= what can blackshades do?
•  Additional features
⁄  Can take control of the mouse, either for annoyance purposes (erratic mouse movement) or monetary purposes (forcing user to click on ads)
⁄  File hijacker is ransomware – encrypts victim’s files and prompts user to pay for the decryption key
= mitigation tips
•  Download the Blackshades RAT threat advisory for indicators of infection and a YARA rule
•  Due to the high degree of stealth in the payload and infection techniques, practice diligence when browsing the Internet, reading emails, and using other Web-based applications prone to attacks
•  Review the FBI advisory to learn about other potential signs of infection
= threat advisory: blackshades RAT
•  Download the threat advisory at www.stateoftheinternet.com/blackshades
•  This DDoS threat advisory includes:
⁄  Recent history of remote access tools
⁄  Example payloads and payload builder analysis
⁄  Analysis of infection and persistence process
⁄  Detailed overview of remote access and surveillance capability
⁄  Indicators of infection
⁄  Mitigation advice, including YARA rule
= about stateoftheinternet.com
•  StateoftheInternet.com, brought to you by Akamai, serves as the home for content and information intended to provide an informed view into online connectivity and cybersecurity trends as well as related metrics, including Internet connection speeds, broadband adoption, mobile usage, outages, and cyber-attacks and threats.
•  Visitors to www.stateoftheinternet.com can find current and archived versions of Akamai’s State of the Internet (Connectivity and Security) reports, the company’s data visualizations, and other resources designed to put context around the ever-changing Internet landscape.