Lazarus The Tale of the three RATS
The Lazarus APT has been targeting the renewable energy sector across Japan, the United States and Canada. In these campaigns it has used some old tools, but more importantly it has used a new RAT built from scratch. This new RAT is based on the Qt framework, a graphical interface framework which has no record of being used to build malware before. In this presentation Vitor will take a deep dive into this new RAT and will show the techniques, tools and procedures used by the Lazarus APT to compromise organizations in this highly targeted campaign.
Vitor Ventura
Vitor Ventura is a Cisco Talos security researcher and manager of the EMEA and Asia Outreach team. As a researcher, he has investigated and published various articles on emerging threats. Most of the day Vitor is hunting for threats and reversing them, but also looking for the geopolitical and/or economic context that better suits them. Vitor has spoken at conferences such as LabsCon, VirusBulletin, NorthSec, Recon, Recon Brussels and Defcon’s Crypto and Privacy Village, among others. Prior to that he was IBM X-Force IRIS European manager and lead incident responder, and at IBM X-Force RED he was a lead penetration tester. Vitor holds a BSc in Computer Science and multiple security-related certifications such as GREM (GIAC Reverse Engineer Malware) and CISM (Certified Information Security Manager).