The 9th annual conference of the Association of anti Virus Asia Researchers took place in Auckland, New Zealand on the 3rd to 5th of December. The conference theme was “Digital Security – Prevention to Prosecution”, and speakers and participants came from around the world.
Shigeru Ishii of the Information-technology Promotion Agency, Japan (IPA) covered the threats seen recently in Japan, focusing on the Antinny Virus, which exploits the Winny peer-to-peer file-sharing software to leak information, and the phenomenon of “one-click billing fraud”, where users are tricked and intimidated into paying on bogus websites.
Eric Chien of Symantec Security Response looked at the security threat of Gadgets, such as Google Desktop Gadgets, Yahoo Widgets and the Vista Sidebar. Gadgets are another potential route for untrusted code to enter our machines.
Maksym Schipka of MessageLabs analysed the prevalence of PE packers in email traffic. Blackhats are using PE packers to avoid detection of their malware.
Sungkeun Rhee and Jeong Wook Bang of AhnLab looked at the upcoming threats of RFID.
Igor Muttik of McAfee AVERT noted a shift in deployment vector from SMTP to HTTP, and urged developers and independent testing bodies to focus on perimeter scanning of HTTP traffic.
Ja-Way Hung and Pei-Wen Liu of the Information and Communications Security Technology Center in Taipei used Geographical Information Systems to correlate malware infection locations and discern the intended target of organised hackers.
Craig Johnston of IBM presented a case study of a phishing attack.
Eric Uday Kumar of Authentium gave a detailed technical description of rootkits on Windows, including various methods for hooking and patching DLLs and the kernel.
Enrique González Ochoa of Panda Software painted a daunting picture of threats against VoIP.
Jonathan Poon of Microsoft detailed the further development and expansion of an automated release scanning system.
Peter Ferrie of Symantec Advanced Threat Research explained attacks on virtual machine emulators, and showed how programs could detect they were running inside emulators such as VMware, VirtualPC, Parallels and others.
Kimmo Kasslin of F-Secure looked at the challenge of kernel malware, using Haxdoor and Mailbot as case studies. Cai Jun of Fortinet looked at malware on mobile devices. Aditya Kapoor of McAfee AVERT described techniques to evaluate two different binaries and determine the amount of shared code and behaviour.
Sébastien Josse of Silicomp-AQL also delved into virtual machines and the kernel to consider unpacking using emulation.
Vesselin Bontchev discussed the problems of the Common Malware Enumeration (CME) initiative, concluding that the scheme was fatally flawed.
Babu Nath Giri of McAfee AVERT described the emergence of ransomware.
One panel session discussed “Where have all the Outbreaks gone?”, and the second considered “Defensible Digital Boundaries”. The Gala Dinner featured a show by Maori dancers.