Certified Evil

Jason Killam

Use of signed malware is becoming more and more popular. In this lightning talk, Jason will go over the basics of code signing certificates and cover how to identify malicious signed binaries. He will then make a case for why defenders like us should make an effort to get these certificates revoked, and show how much cost revocation imposes on the jerks running these malware campaigns. Examples of malware covered include Lumma and SolarMarker/Yellow Cockatoo.