Hiding in Plain Sight: When Malware Abuses Legitimate Services for Communications

  • Webcast Aired Friday, 21 Apr 2017 11:00AM EDT (21 Apr 2017 15:00 UTC)
  • Speaker: Josh Reynolds

Malicious actors increasingly use modern hosting providers, such as Pastebin and Imgur, to quickly and effectively serve malicious content to users. Using legitimate services to host malicious content makes it easier for threat actors to make it past traditional defenses and blacklisting. It is difficult for hosting providers to detect malicious content within their services due to obfuscation techniques used by threat actors, and the massive amount of hosting content they provide. Although the content can be inspected, it is not possible for networks to block these domains and IP addresses as they 're legitimate services.

'

This webinar will give you a glimpse into a number of modern malware variants abusing hosting services and discuss how they can be stopped.

In this technical webinar you will learn:

1.- - The type of hosting services that threat actors are abusing

2.- - The type of communications these services are being leveraged for

3.- - Common obfuscation and evasion mechanisms used within these communication channels when abusing cloud hosting services