I am a sniper. I hunt malware. Specifically, I hunt malware that is committing a crime. Memory Dumpers, Key Loggers, and Network Sniffers are the enemy. The enemy can take on any form, he deploys stealth to hide from me. To know the enemy, I have to know HOW he works, not just what his goals are.
Sniper Forensics v3.0: Hunt will culminate the Sniper Forensics Trilogy. It will bring all of the elements of the previous two Sniper Forensics presentations to bear, and illustrate the hunt. From system preparation, to data gathering, to finally, identifying the primary target of many forensic investigators…malware.
Not only will this talk cover how to identify the most common types of criminal malware, but HOW to identify an infected host by WHAT it’s doing, not by what has traditionally been known as “malware detection” by hash comparisons, keyword searches, or even just blind luck.
This final installment will equip the investigator with the methodology, the tools, and take them on the hunt for cyber criminals in three real world scenarios!
I am a sniper. I will find and eliminate my target.