At last year’s VB conference, my talk “Playing with shadows - exposing the black market for online game password theft” discussed malware being sold on the black market for password stealing purposes. During the “Q & A” time, someone asked a question regarding the technical details of Dogrobot, a family of malware that can penetrate the protection offered by a ‘hard disk recovery card’ (used to restore a machine to a known, clean state). Unfortunately, I don’t think I gave a satisfactory answer due to my limited research on it at that time. I’ve been feeling guilty since then and the experience encouraged me to spend more time studying it.
After crawling around in file system drivers and Dogrobot drivers for a few months, I finally managed to get a comprehensive understanding of the technical details of this malware. Unfortunately, “I can’t go back to yesterday” to answer the question again; fortunately, the VB committee gave me a second chance - they accepted my paper entitled ‘'I can't go back to yesterday, because I was a different person then'’ which will be presented at VB2009, on 23rd September in Geneva. In the presentation, delegates will hear about:
- Malware designed to specifically target the recovery hardware used in Internet Cafés in China - how it works, and why?
- Malware that has caused 8 billon RMB (1.2 billion USD) in losses but doesn’t infect files
- Further details of the black market for malware
Are you interested in this? See you in Geneva.