Predictive Intelligence: Maximizing Adversary Operational Insights

Presented by

Senior Analysts, DeepSight Intelligence Cybercrime Team

About this talk

For the past year, Symantec’s DeepSight Intelligence team has been monitoring the Dyre banking Trojan, in an effort to provide customers with predictive intelligence. This includes tracking updates to the Dyre configuration and management panel in order to identify new financial and private sector targets that are being systematically added by criminal threat actors on a regular basis. In this session the DeepSight team will explain how the Dyre development and targeting process operates, and provide details on new Dyre targets outside of the financial arena that have been observed since September. The speakers will also detail activity on cybercrime forums related to Dyre threat actor activity, including examples relating to the tight control of access to the Dyre botnet. Further insights will be provided through a case study showing Dyre being used by a distinct criminal threat group. The case study will demonstrate how this threat group uses commodity malware interchangeably including Dyre, Dridex, Vawtrak, and POS malware variants and will provide details regarding their established TTPs for malware delivery, management, and infrastructure.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (410)
Subscribers (92385)
Broadcom’s Symantec Enterprise Division, the global leader in cyber security, helps organizations and governments secure identities and information wherever they live. Organizations across the world look to Broadcom’s Symantec Enterprise Division for strategic, integrated solutions to defend against sophisticated attacks across endpoints, identities, and infrastructure, whether on-premises, in the cloud, or both. Visit: