Talks Overview of banking malware as a business

Behind the scenes banking malware is supported by sophisticated criminal infrastructure consisting of various components. Typically, a binary piece of malware is written with all the features that criminals can use to exploit the victims. The malware is then distributed to victims and upon infection, the malware collects information from victim’s machine and sends it to CnC servers controlled by the criminals. To receive the victim’s information, criminals set up their own CnC servers and an administration panel to monitor the infections and manually control them if needed. The administration panel provides the criminals with a dashboard showing a list of infected computers, their location, windows version and even the balance of the victim’s bank account. Depending on the malware, the money from the victim’s bank account is then stolen and transferred to money mules, which cash out the stolen money and return it to the criminals.

This talk will explain how the banking malware is run from the criminal point of view and will also go into detail about the various components that are needed to run a ‘successful’ criminal empire.


  • Sunday Aug. 27 18:30 - 19:30