Hiding In Plain Sight: Unique Methods Of C2 From Infostealers

DISCARDED: Tales From the Threat Research Trenches - A podcast by Proofpoint

Categories:

Network-based detections, such as those developed by threat detection engineers using tools like suricata and snort signatures, play a crucial role in identifying and mitigating cyber threats by scrutinizing and analyzing network traffic for malicious patterns and activities.Today’s guest is Isaac Shaughnessy, a Threat Detection Engineer at Proofpoint. Isaac shares his insights into the challenges of detecting and mitigating malware, especially those using social platforms for command and control. He emphasizes the team's engagement with the InfoSec community, highlighting the value of platforms like Twitter and Mastodon for sharing and receiving information.We also dive into:the unique challenges of crafting effective signaturesthe specifics of malware, focusing on Vidar stealer and highlighting the dynamic nature of Vidar's command and control infrastructurethe distribution methods of these malware strains, from email campaigns to unconventional tactics like using video game platforms and social media for luring victimsResources mentioned:Intro to Traffic Analysis w/ Issac ShaughnessyEmerging Threats Mastodon: https://infosec.exchange/@emergingthreatsThreat Insight Mastodon: https://infosec.exchange/@threatinsightVidar Stealer Picks Up Steam!For more information, check out our website.