Hack Back - Bug Hunting on the Dark Side

Explore the humorous side of cybersecurity in this 45-minute conference talk from NDC Security 2018. Delve into the world of malware and discover how attackers' mistakes can be exploited to your advantage. Learn about real-world examples of bugs in malware, including simple typos that derail stealthy attack campaigns, overlooked crypto dependencies that compromise command and control architectures, and coding errors that render malicious software useless. Gain insights into various malware types, including Stuxnet, ransomware, and banking trojans, while understanding common pitfalls in their implementation. Examine topics such as AES encryption, sanitization, prepared statements, and infection methods. Join speaker Felix Leder for an entertaining and informative journey through the dark side of hacking, filled with hilarious anecdotes, scary revelations, and plenty of face-palm moments.

Intro
Everybody makes mistakes
Config
Stuxnet
Kiryas
Common mistakes
Ransomware
AES Encryption
Another ransomware
Who wrote the ransomware
The point of ransomware
Hacking starting slowly
Root password
User table
Banking Trojan
Sanitization
Construction Kits
Prepared Statements
Whaledeck
Relay
Encryption
Pictures
Three problems
Configure
Infection stopped
Summary