SECurity FUNdamentals

Peeling The Layers Of Vawtrak


Expo Theatre (Hall G) October 20, 2015 - Feedback     

Bookmark and Share

Raul Alvarez

Vawtrak, also called NeverQuest, is a banking malware that targets banks and other financial institutions all over the world. It is a sophisticated malware that challenges the likes of Zeus and other malevolent trojans. Vawtrak has been seen to bypass 2FA, captured video and screenshots, and also form part of a big botnet infrastructure. Vawtrak is a very sophisticated malware not only in its malicious features, but also in its code. It uses a new modern technique called layering, similar to a Matryoshka doll, wherein the original malware produces another malware from within its binaries.