$400 Amazon Gift Card with OnDemand Training through March 10 - Learn More!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Hitting the Silent Alarm on Banking Trojans

  • Thursday, June 27, 2019 at 10:30 AM EST (2019-06-27 14:30:00 UTC)
  • Jacob Williams, Rohan Viegas, Tamas Boczan


  • VMRay

You can now attend the webcast using your mobile device!



Banking Trojans are a complex, expensive type of malware with a wide range of features. Unlike common infostealers - which are sold to anyone for a few dollars - Banking Trojans are purchased by fewer, more professional threat actors. Some of these malware families have eventful histories spanning a decade, involving constant code changes, and occasionally arrests and leaks.

Banking Trojans focus on stealing customer banking information but can often do much more. Threat actors pay a premium for this capability. They contain a far more extensive set of features than run-of-the-mill malware, usually packaged as a complex, modular framework. Modules of the malware can implement lateral movement, all types of credential stealing possible, botnet features, backdoors, cryptomining or deploying secondary payloads such as ransomware.

In this SANS Webcast, VMRay Sr. Threat Analyst Tamas Boczan, Product Manager Rohan Viegas and SANS Analyst Jake Williams will answer:

  • What are the most common banking Trojans in the wild?
  • Which techniques do they use?
  • How can security professionals improve their detections?

Speaker Bios

Jacob Williams

Jacob Williams is a SANS Analyst, certified SANS instructor, course author and designer of several NetWars challenges for use in SANS' popular, "gamified" information security training suite. Jake spent more than a decade in information security roles at several government agencies, developing specialties in offensive forensics, malware development, and digital counter-espionage. Jake is the founder of Rendition InfoSec, which provides penetration testing, digital forensics and incident response, expertise in cloud-data exfiltration and the tools and guidance to secure client data against sophisticated, persistent attack on-premises and in the cloud.

Rohan Viegas

Rohan brings over 12 years of experience in product development and management roles to VMRay. In his role as Product Manager for Hewlett-Packard Enterprise, prior to VMRay, Rohan managed a portfolio of products including network management and security software.

Tamas Boczan

Tamas is a Senior Threat Analyst at VMRay. He is responsible for finding and analyzing relevant malware samples and improving VMRay's detection capabilities. Prior to VMRay, Tamas researched evasive malware and developed a malware analysis sandbox at an Anti-Virus company.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.