Tracing the advanced persistent threat: Interview with Joe Stewart

Share this article:
While McAfee's recently released "Shady RAT" report concentrated on the victims of a mass cyberespionage ring, another researcher has decided to focus his attention on the adversaries behind such attacks. In a video recorded last week at  the Black Hat conference in Las Vegas, Joe Stewart of Dell SecureWorks explains how he was able to trace 60 families of custom malware thanks to error messages yielded by a "connection bouncer" tool used by the hackers to hide their tracks, but which inadvertently pointed back to about a dozen command-and-control centers hosted by ISPs in China. Two of the malware families are known to have been used in the RSA SecurID breach. "It gives you a better line on attribution," Stewart told SCMagazineUS.com.
Share this article:
You must be a registered member of SC Magazine to post a comment.

More in Videos

Preparing for the Internet of Things

In this video, John McCormack, CEO at Websense, sits with SC Magazine Senior Reporter Danielle Walker, to discuss how enterprises can be prepared for the coming Internet of Things.

Getting ahead on medical device security

In this video, Jay Radcliffe, senior security researcher at Rapid7, discusses his recent work and how the industry needs to get ahead of the game when it comes to medical device security.

The industry's role in public safety

In this video, Joshua Corman, CTO at Sonatype, chats with SC Magazine's Danielle Walker on his involvement in some important upcoming initiatives.