cybercrime & business. jak wygrać tę wojnę?

Cybercrime & Business

How do we fight this war?

Pirkka Palomäki

Chief Technology OfficerF-Secure Corporation

facebook, myspace, twitter, linkedin?

FloppyLanEmailWeb

Operating systemBrowsersJavaAdobe FlashAdobe PDF readerQuicktime

Acrobat

Flash

Case Darkmarket

Featuring Mr. Cagatay Evyapanaka "Cha0"

FeaturingMr. Adewale Taiwo

Case Mebroot

Case Mebroot – short introduction

The first complex MBR rootkit with malicious payload

Kernel-mode downloader and backdoor

Downloads PWS and banking Trojan components

Strengths of Mebroot:

No executable files on file system

No registry keys or standard launch points

No driver module in module list

Minimal memory footprint

Early execution during system startup

Stealth read/write disk operations

Stealth Anti-Removal protection

Totally generic, open malware platform (MAOS)

How do we work?

F-Secure Dashboard

Myth To Forget

Obsolete for Hundreds of Thousands

of samples every day

Malware Samples / Acquisition

AutomaticAnalysis

DetectionEngine

TechnologyTechnology

Malware Researchers &

Analysts Researchers &

Real-time delivery

Security Research Flow; The Critical Chain

SMA Decisions – daily

thank you