No Distribute Scanners: A Perfect Testing Ground for Malware Developers

Abstract

Let’s take an undercover dive into the world of No-Distribute Scanners: scanning portals often used by malware authors on their search for the perfect Fully UnDetectable (FuD) malware. During the talk, we will go into detail about the different kinds of NDS portals, their userbase, how they are used, and how they work. This will not only help you better understand how NDSs allow malware developers to increase the average time a sample goes unnoticed by the threat intelligence community, but to see how they use the results as tangible proof to monetize their offering.

Mathieu Gaucheler

Mathieu Gaucheler is a subject matter expert at Maltego. His responsibilities include research-driven content development for blog posts, webinars, and talks. He has a background in sandbox development, from which his passion for NDSs was born, and has previously presented his research at BotConf and RSA APJ.

 

Florian Murschetz

Florian Murschetz is an IT and security specialist with more than 10 years of professional experience. He has previously supported both internal stakeholders and customers in vulnerability management, pentesting, incident handling and IT-Forensics. He is also an active member of the local hackspace known as “telnet community” and is a fellow in the CCC (Chaos Computer Club) community.