What Cybercriminals See When They Infect a Host with Malware
Emotions about the global pandemic are running high, and attackers are taking advantage. Researchers have observed criminals spreading malware by impersonating official sources, distributing malicious COVID-19 maps and trackers, and malvertising on coronavirus-related news stories.
As security professionals, we try to protect our users from this type of activity by searching for indicators of compromise and writing rules to detect malicious activity. What we don’t see is the criminal perspective – what an attacker actually sees when they infect a host with malware that has keylogging and remote access capabilities.
In this webinar, SpyCloud Head of Product Strategy Chip Witt opens a window into the criminal ecosystem surrounding credential-stealing malware like Azorult, Raccoon, Predator, and Vidar. Chip shares examples of actual malware logs, explains how various actors profit from stolen data, and discusses what you can do to better protect your enterprise from these types of threats.
View this on-demand webinar to learn:
How criminals distribute credential-stealing malware to victims, monetize stolen information, and continue to profit from infected hosts
What an attacker managing a malware campaign sees as new systems become infected
What’s included within malware log files, from cryptocurrency wallet details to photos of victims’ desktops
How you can better equip your security organization to handle these threats
Contact us to see your infected user data
Exposed credentials, whether stolen in a data breach or via a botnet infection, put user accounts at risk of account takeover. Let’s deep dive on the data we have collected for your domain.
Chip Witt has nearly twenty years of diverse technology experience, including product management and operations leadership roles at Hewlett Packard Enterprise, Webroot, VMware, Alcatel, and Appthority. He is currently the Head of Product Strategy and manages the Customer Success Program at SpyCloud, which provides cloud-based security services to help businesses of all sizes prevent data breaches and account takeover attacks by alerting when employee or company assets have been compromised. Chip works closely with field intelligence teams specializing in OSINT and HUMINT tradecraft, actor attribution and underground monitoring.
SpyCloud’s account takeover prevention and fraud investigation solutions are backed by the world’s most current and comprehensive repository of recovered stolen credentials and PII. More data, particularly plaintext passwords, means more matches and stronger account protection.