VB2013 speaker spotlight

Posted by   Virus Bulletin on   Jul 12, 2013

We speak to James Wyke about his research interests and what he aims to bring to VB2013.

The VB2013 conference takes place this autumn (2-4 October) in Berlin, with an exciting programme that covers many of today's most pertinent security-related topics.

In the build-up to the event we are running a series of blogs in which we introduce the speakers and find out a bit more about their research interests and what they aim to bring to the conference.

Today, we speak to James Wyke who will speak at VB2013 about some of the less well documented aspects of the ZeroAccess botnet.

Tell us a little bit about yourself - your job and your responsibilities.

James Wyke "I am a Senior Threat Researcher with Sophos in the UK. Generally speaking I spend my day carrying out in-depth analysis, identifying new and emerging threats, and coming up with novel and effective approaches to protection."

Can you give us a brief outline of what you will be speaking about at VB2013?

James Wyke "I will be delivering a presentation on the ZeroAccess botnet. I explore some of the less well documented aspects of the botnet and to what ends it is being employed. Areas that will be covered include: hiding command and control information in legitimate-seeming network traffic, using decoy URLs to blacklist researchers' IP addresses, and using bogus domain names to mislead analysis. I will also assess how much revenue ZeroAccess could be generating from BitCoin mining and click fraud."

Why is your presentation particularly relevant to the security community?

James Wyke "ZeroAccess is a huge botnet that has survived and thrived for a considerable amount of time. It is important to understand the mechanisms by which this has been achieved and to what purposes such an entity is put so that we can combat it now and attempt to prevent similar creations from reoccurring in the future."

What can delegates learn from your presentation?

James Wyke "Hopefully delegates will learn a few things they didn't know about one of the largest botnets in existence. "

What other presentations are you looking forward to?

James Wyke "'Behavioural detection of HTTP-based botnets' sounds particularly interesting, as does 'Using statistical analysis of DNS traffic to identify infections of unknown malware'."

What are you looking forward to about your trip to VB2013?

James Wyke "I have been to Berlin before, but didn't get to see much of it last time - it would be great to visit the zoo. Catching up with a few ex-colleagues will be fun, as will meeting new people - and drinking interesting beers in the bar is always enjoyable!"

James Wyke will present 'Back channels and bitcoins: ZeroAccess' secret C&C communications' at 12:00 on Wednesday 2 October.

The full programme for VB2013, including abstracts for each paper, can be viewed here.

Read more about why you should attend VB2013 - and download our letter templates as a guide for justifying to your budget holder why you should attend VB2013.

VB2013 takes place 2-4 October 2013 in Berlin, Germany - online registration is now open - we'd love to see you there!

Posted on 12 July 2013 by Helen Martin

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

VB2019 paper: APT cases exploiting vulnerabilities in region-specific software

At VB2019, JPCERT/CC's Shusei Tomonaga and Tomoaki Tani presented a paper on attacks that exploit vulnerabilities in software used only in Japan, using malware that is unique to Japan. Today we publish both their paper and the recording of their…

New paper: Detection of vulnerabilities in web applications by validating parameter integrity and data flow graphs

In a follow-up to a paper presented at VB2019, Prismo Systems researchers Abhishek Singh and Ramesh Mani detail algorithms that can be used to detect SQL injection in stored procedures, persistent cross-site scripting (XSS), and server‑side request…

VB2020 programme announced

VB is pleased to reveal the details of an interesting and diverse programme for VB2020, the 30th Virus Bulletin International Conference.

VB2019 paper: Cyber espionage in the Middle East: unravelling OSX.WindTail

At VB2019 in London, Jamf's Patrick Wardle analysed the WindTail macOS malware used by the WindShift APT group, active in the Middle East. Today we publish both Patrick's paper and the recording of his presentation.

VB2019 paper: 2,000 reactions to a malware attack – accidental study

At VB2019 cybercrime journalist and researcher Adam Haertlé presented an analysis of almost 2000 unsolicited responses sent by victims of a malicious email campaign. Today we publish both his paper and the recording of his presentation.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.