Hidden Link Between TrickBot "Anchor" & North Korea "Lazarus” State Sponsored Group
2020-09-14,
AdvIntel
https://www.x33fcon.com/slides/x33fcon20_Vitali_Kremez_-_Keynote_Hidden_Link_Between_TrickBot_"Anchor"_&_North_Korea_"Lazarus"_State_Sponsored_Group,_or_How_North_Korean_Hackers_are_Working_with_Eastern_European_Cybercriminals.pdf
x33fcon20_Vitali_Kremez_-_Keynote_Hidden_Link_Between_TrickBot_Anc_6ADJnEe.pdf, 2.7 MB
#TrickBot #Slides
https://www.x33fcon.com/slides/x33fcon20_Vitali_Kremez_-_Keynote_Hidden_Link_Between_TrickBot_"Anchor"_&_North_Korea_"Lazarus"_State_Sponsored_Group,_or_How_North_Korean_Hackers_are_Working_with_Eastern_European_Cybercriminals.pdf
x33fcon20_Vitali_Kremez_-_Keynote_Hidden_Link_Between_TrickBot_Anc_6ADJnEe.pdf, 2.7 MB
#TrickBot #Slides
Contents
How North Korean Hackers are
Working with Eastern European
Cybercriminals
@VK_Intel
Vitali Kremez
Impact
Agenda
! The Wind of Time Shakes the Underground | HighTech Cybercrime & APT | Most Sophisticated &
Resourceful Crimeware Group
! TrickBot Race to Perfection: The Aesthetics of
Blurred Lines
! The “Anchor” Mystery
! Uniting the Ununitible — Crimeware Meets APT
! Conclusion: The Deadly Planeswalker
! YARA Hunting…for Crypt
~whoami
Vitali Kremez is a well-known ethical hacker.
His cybercrime and nation-state research and discoveries led to his
direct name appearing in the malware linked to the Russian nationstate group known as "APT28," which is believed to the military
operation led by the Russian GRU after his blog revealing one
particular group malware. Moreover, his name oftentimes appears
in various malware families from Maze to Medusa ransomware as
cybercrime tribute to him by the criminal actors who closely watch
and acknowledge his research.
Executive & Strategic Advisor
Personal blog: vkremez.com
Twitter: @VK_Intel
Cybercrime Trends (2020)
• Sophisticated criminal enterprises such as TrickBot & QakBot &
TA505 - focused on …
Working with Eastern European
Cybercriminals
@VK_Intel
Vitali Kremez
Impact
Agenda
! The Wind of Time Shakes the Underground | HighTech Cybercrime & APT | Most Sophisticated &
Resourceful Crimeware Group
! TrickBot Race to Perfection: The Aesthetics of
Blurred Lines
! The “Anchor” Mystery
! Uniting the Ununitible — Crimeware Meets APT
! Conclusion: The Deadly Planeswalker
! YARA Hunting…for Crypt
~whoami
Vitali Kremez is a well-known ethical hacker.
His cybercrime and nation-state research and discoveries led to his
direct name appearing in the malware linked to the Russian nationstate group known as "APT28," which is believed to the military
operation led by the Russian GRU after his blog revealing one
particular group malware. Moreover, his name oftentimes appears
in various malware families from Maze to Medusa ransomware as
cybercrime tribute to him by the criminal actors who closely watch
and acknowledge his research.
Executive & Strategic Advisor
Personal blog: vkremez.com
Twitter: @VK_Intel
Cybercrime Trends (2020)
• Sophisticated criminal enterprises such as TrickBot & QakBot &
TA505 - focused on …