Thursday 25 September 10:00 - 10:30, Red room.
Rahul Kashyap Bromium
Vadim Kotov Bromium
download slides (PDF)
In this research we address the problem of leveraging ad networks to spread malicious programs, also known as malvertising. Yes, it's 2014, and our investigation determines that this abuse is still rampant. It puts a significantly large population at risk.
In this talk we start with the live capture of malware that we uncovered on YouTube. We then talk about the possibilities and perils that lie ahead. Our goals are to determine how web advertising could be exploited to spread malware, the chances of malicious banners being detected by security crawlers, and how malicious banners can bypass anti-malware checks and stay undetected.
We try to estimate how vulnerable the somewhat 'opaque' ad-networking industry is, and what countermeasures could be applied to lower the severity of the threats it poses.
Rahul Kashyap is Chief Security Architect, Head of Security Research at Bromium. At Bromium he is responsible for product security, R&D, Bromium Labs and industry outreach. Rahul has written several security research papers, blogs, journals and articles that are frequently quoted. Before joining Bromium, he led the worldwide Vulnerability Research teams at McAfee Labs, a wholly owned subsidiary of Intel. He has architected several cyber defence technologies on exploit prevention and mitigation for host and network security technologies.
Vadim Kotov is a security researcher working with Bromium Labs. He has extensive experience in the areas of reverse engineering, malware analysis and machine learning. In 2012, Vadim was a member of the security research group at the University of Trento (Italy). Vadim graduated from USATU (Russia) with a Bachelor's degree from the computer security and doctorate program. His research work has been published at events such as ESSoS and USENIX CSET. He also is an active blogger on the Bromium Labs 'Call of the Wild' blog.