The Snake Keeps Reinventing Itself

Explore the evolution and tactics of a sophisticated malware known as "The Snake" in this 45-minute conference talk from Hack.lu 2018. Delve into the four main steps of its operation, including infection vectors, fake flashing techniques, and the full infection cycle. Examine possible explanations for its spread, such as ISP compromise and lateral movement. Learn about the malware's cleaning processes, output backdoor, and the intricacies of its outlook output protocol manager. Witness a live demonstration of the backdoor in action and gain insights into effective monitoring strategies. Enhance your understanding of advanced persistent threats and cybersecurity measures through this comprehensive analysis presented by security experts Jean-Ian Boutin and Matthieu Faou.

Introduction
Overview
The Snake
Four Main Steps
Infection vectors
Fake flashing star
Full infection cycle
Possible explanations
ISP compromise
Lateral movement
Cleaning
Output Backdoor
Outlook Output Protocol Manager
The Backdoor
Demo
Monitoring
Conclusion