To Learn More: LinuxCon Europe | CloudOpen Europe | Embedded Linux Conference Europe.

Wednesday, October 15 • 4:30pm - 5:20pm
Advanced Linux Server-Side Threats: How They Work and What You Can do About Them - Olivier Bilodeau and Marc-Etienne M.Léveillé, ESET


Server-side malware has evolved. Attackers used to be motivated by defacement or direct damage, using small-scale and targeted operations. Nowadays we are seeing an increase in organized crimeware campaigns leveraging compromised Linux servers for financial gain through spam and website redirections that infect end users. Furthermore, malicious gangs base their operations' infrastructure on these same servers, making takedown or law enforcement intervention complex.

This presentation will cover the evolution of Linux malware and describe the Windigo threats affecting more than 25 000 servers. We will give in-depth technical details on the malware involved, show how it is deployed by the operators and how they are able to defeat current defensive technologies. More importantly, we will describe hands-on detection and incident response tips to quickly assess one's servers and help in the fight.

Speakers

Olivier Bilodeau

Malware Researcher, ESET
Coming from the dusty Unix server room world, Olivier evolved professionally in networking, information security and open source software development to become a malware researcher at ESET. He likes to do memory forensics on infected servers, reverse engineer obfuscated Perl scripts and brew beer. He is interested in bringing more openness to the malware research field by releasing elaborate indicators of compromise (IOC) and code created as part of...

M. M. Léveillé

Malware Researcher, ESET
Marc-Etienne has been a malware researcher at ESET since 2012. He specializes in malware attacking unusual platforms, whether it's fruity hardware or software from south pole birds. Lately, Marc-Etienne has mostly been reverse engineering server-side malware to discover its inner workings and operation strategy. He enjoys participating in CTF competitions like a partying gentleman and playing the clarinet. He tweets sporadically at @marc_etienne_.


Wednesday October 15, 2014 4:30pm - 5:20pm
Room 02