![Page 1: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/1.jpg)
Where is my money?The evolution of internet fraud
Marc Rivero (@seifreed)
![Page 2: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/2.jpg)
About…
Ah y… soy fan número uno de
![Page 3: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/3.jpg)
Agradecimientos
![Page 4: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/4.jpg)
Agradecimientos
![Page 5: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/5.jpg)
![Page 6: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/6.jpg)
EXPLOITS KITS
MALWARE MÓVILES
PHISHING TROYANOS BANCARIOS
SANDBOX
MALWARE
![Page 7: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/7.jpg)
Métodos de autenticación
ID +PASSWORD
VIRTUAL KEYBOARD
OTP CODE CARD TOKEN SMS/mTAN Smartcard2FA
![Page 8: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/8.jpg)
Hablemos de phishing
PHARMING PHISHINGCUTRE
KITS DE PHISHING
PHISHINGAVANZADO
![Page 9: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/9.jpg)
Phishing I – El cutre
![Page 10: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/10.jpg)
Phishing I – El “dirigido”
![Page 11: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/11.jpg)
¿Es esto un remedio?
![Page 12: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/12.jpg)
Social engineering toolkit
![Page 13: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/13.jpg)
Kit de phishing
![Page 14: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/14.jpg)
Kit de phishing
![Page 15: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/15.jpg)
¿Phishing 2.0?
![Page 16: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/16.jpg)
¿Phishing 2.0?
![Page 17: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/17.jpg)
URLCrazy
![Page 18: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/18.jpg)
Troyanos bancarios
• Sinowal• Carberp• Tylon• “El vampiro”
![Page 19: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/19.jpg)
TROYANOS BANCARIOS
EVOLUCIÓNPRODUCTO/SERVICIO/
PRODUCTO + SERVICIO
SOLUCIONAN FALLOS DE
DISEÑO
![Page 20: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/20.jpg)
TROYANOS EN MÓVILES
EVOLUCIÓN CON LAS
PLATAFORMAS
![Page 21: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/21.jpg)
![Page 22: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/22.jpg)
Ransomware
![Page 23: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/23.jpg)
Ransomware
![Page 24: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/24.jpg)
![Page 25: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/25.jpg)
![Page 26: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/26.jpg)
![Page 27: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/27.jpg)
Toca leer en ruso…
Anuncio en foro Underground
![Page 28: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/28.jpg)
Exploits Kits
EXPLOTAN VULNERABILIDADES
ESTADÍSTICASEXPLOIT KIT +
MALWARE BANCARIO
![Page 29: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/29.jpg)
Hey guys, check out this new exploit!
![Page 30: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/30.jpg)
Mediante los análisis son capaces de detectar el tipo de vulnerabilidad explotada
![Page 31: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/31.jpg)
Researchers analizan los Exploits kits y publican los resultados…
![Page 32: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/32.jpg)
Getting ready to use that 0day — oh, they patched it
![Page 33: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/33.jpg)
PROTECCIÓN DE EXPLOITS
KITS
![Page 34: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/34.jpg)
CANTIDADES DE MALWARE
PROCESOS AUTOMATICOS
MALWARE VS
ANALISTA
![Page 35: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/35.jpg)
Y MAS, Y MAS, Y MAS
….
![Page 36: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/36.jpg)
Cuckoo
![Page 37: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/37.jpg)
Dexter
![Page 38: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/38.jpg)
Droidbox
![Page 39: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/39.jpg)
Anubis
![Page 40: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/40.jpg)
URL Query
![Page 41: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/41.jpg)
Malware vs Analista
![Page 42: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/42.jpg)
MÁQUINA VIRTUALDEBUGURL’S
DINÁMICASTIMMING
![Page 43: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/43.jpg)
![Page 44: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/44.jpg)
PETICIÓNDNS
FALSATRÁFICO
MANIPULADO
![Page 45: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/45.jpg)
DGA
• La muestra, dependiendo en algunos casos, del año, el día etc.. Generará un dominioen base a un algoritmo.
![Page 46: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/46.jpg)
USER AGENTSSISTEMAS
OPERATIVOS
![Page 47: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/47.jpg)
![Page 48: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/48.jpg)
![Page 49: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/49.jpg)
Código ofuscado
CÓDIGOS OFUSCADOS
INTERACTÚAN CON LA BANCA
![Page 50: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/50.jpg)
Funciones…
EVOLUCIÓN EN EL ROBO DE DINERO
![Page 51: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/51.jpg)
¿Muleros?
MULEROS 2.0
![Page 52: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/52.jpg)
Servidores comprometidos
INFRAESTRUCTURAS COMPROMETIDAS
![Page 53: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/53.jpg)
INGENIERÍA SOCIAL EN LAS INYECCIONES
USAN MAS DE UN SERVIDOR
![Page 54: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/54.jpg)
![Page 55: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/55.jpg)
![Page 56: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/56.jpg)
![Page 57: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/57.jpg)
![Page 58: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/58.jpg)
¿Preguntas?…
![Page 59: Where is my money? The evolution of Internet fraud](https://reader038.vdocuments.us/reader038/viewer/2022110308/5576235fd8b42a4e1c8b4e47/html5/thumbnails/59.jpg)