DeepSec 2019 Talk: How To Create a Botnet of GSM Devices – Aleksandr Kolchanov

Sanna/ November 26, 2019/ Conference

There are different types of GSM-devices: from GSM-alarms for homes and cars to industrial controllers, remote-controlled electric sockets and smartwatches for kids. Also, often they are vulnerable, so GSM-devices are interesting targets for hackers and pranksters. But it is easier to hack a device than to find these devices (usually, you should make a call, send SMS with a command to the phone number of this device, so it is necessary for an attacker to know or find this number). During this talk, I will give a short overview of types of devices and common vulnerabilities, then I will tell about different methods, which can be used to find the phone number of the device. Also, I will show some funny ideas, which allows hackers to create small (or huge, who knows?) botnet of

Read More

DeepSec 2017 Talk: Uncovering And Visualizing Botnet Infrastructure And Behavior – Andrea Scarfo & Josh Pyorre

Sanna/ September 28, 2017/ Conference, Internet

When you read about information security, then you might get the impression that there are lots of nameless threats Out There™. Especially when it comes to networked malicious software, i.e. malware, that forms robot armies, the picture gets a lot more vague and foggy. So you need to get some details to sharpen your view. There are some means how to do this, and you will be told at DeepSec 2017 by Andrea Scarfo and Josh Pyorre. How much information about a botnet can one find using a single IP address, domain name or indicator of compromise (IOC)? What kind of behavior can be determined when looking at attacker and victim infrastructure? In an attempt to discover and analyze the infrastructure behind large-scale malware activity, Andrea and Josh began their research with known indicators

Read More

DeepSec 2017 Talk: Next-Gen Mirai Botnet – Balthasar Martin & Fabian Bräunlein

Sanna/ September 27, 2017/ Conference, Internet, Security

While you were living in a cave, devices took over the world and got connected to the network. This is the state of affairs we live in right now. As long as nothing happens we don’t notice anything about it. The Mirai (未来) botnet changed this all of a sudden. Consumer devices were drafted into an army of bots. Thanks to the proliferation of networked devices such as cameras, home routers, and others the botnet was very successful. The code was designed to run on embedded devices and is even online for inspection. Let’s take a look at how to improve Mirai. Badly secured embedded devices enabled the largest DDoS attack on critical networks seen to date: The Mirai attacks in 2016 were largely pegged on Internet-exposed telnet with default credentials. While such telnet

Read More

DeepSec 2013 Talk: Europe In The Carna Botnet – Telnet’s Threat To The Largest Economy

René Pfeiffer/ September 21, 2013/ Conference, Security

Botnets have been around since 1999. These herds of networked and compromised systems (called zombies) are the tool of the trade for many groups. It’s the  zombie outbreak of the information age. The analysis of existing botnets is an important task of security researchers around the globe. The study of the malware involved, the infection process and the inter-node communication of the infected systems is crucial for the dismantling of the botnet. Therefore we are happy to present Parth Shukla’s talk on the Carna botnet. It was created by an anonymous hacker to create a census of the (IPv4) Internet. Parth has been analysing the devices that formed part of the Carna Botnet. The data concerning the devices was provided by the anonymous researcher. He has distributed the relevant data to many CERTs and

Read More