Chats, Cheats and Cracks - Abuse of Collaboration Platforms in Malware Campaigns
Offered By: YouTube
Course Description
Overview
Explore a conference talk from OISF 2021 examining the exploitation of collaboration platforms like Discord and Slack in malware campaigns. Delve into the methods used for malware distribution, delivery, and command and control through these platforms. Learn about specific malware campaigns, including email examples, component retrieval, and persistence techniques. Investigate the use of webhooks, access tokens, and other platform-specific features for malicious purposes. Gain insights into business protections and Cisco Talos' findings on these threats. Conclude with audience questions and a discussion on CPEC use in this context.
Syllabus
Introduction
Presentation Overview
Background
Discord and Slack
Malware Distribution
Malware Delivery
Slack File Access
VirusTotal
Volume Increase
Malware Fan Campaigns
Email Example
Email Source Code
Component Retrieval
Stage Retrieval
Persistence
AsyncRAT
PDF
Discord CDN
Command and Control
Webhooks
Discord Webhook
Slack Webhook
Initial Beacon
Portmap
Discord Send Webhook
Command Output
Ransomware
Access Tokens
Main Crack
Growtopia
Slack Cookies
Slack Pirate
Business Protections
Cisco Talos
Audience Questions
CPEC Use
Related Courses
Malicious Software and its Underground Economy: Two Sides to Every Story (University of London International Programmes via Coursera)
Palo Alto Networks Cybersecurity Essentials II (Palo Alto Networks via Coursera)
Introducción al Análisis del Malware en Windows (National Technological University – Buenos Aires Regional Faculty via Miríadax)
Android Malware Analysis - From Zero to Hero (Udemy)
How to Create and Embed Malware (2-in-1 Course) (Udemy)