[Noisebridge-discuss] Feb BAHA - Pwning Botmasters

travis+ml-noisebridge at subspacefield.org travis+ml-noisebridge at subspacefield.org
Mon Jan 17 18:34:55 UTC 2011

On 13 Feb 2011, 1400 (that's 2pm for the subtraction-impaired),
The Bay Area Hackers Association will host the following talk:

Counter-Exploitation: Pwning Botmasters

We'll have Billy Rios talking about exploiting the ZeuS botnets and
the people who control them.

Zeus is a Trojan horse that steals banking information by keystroke
logging. Zeus is spread mainly through drive-by downloads and phishing
schemes. First identified in July 2007 when it was used to steal
information from the United States Department of Transportation, it
became more widespread in March 2009. In June 2009, security company
Prevx discovered that Zeus had compromised over 74,000 FTP accounts on
websites of such companies as the Bank of America, NASA, Monster, ABC,
Oracle, Cisco, Amazon, and BusinessWeek.

Zeus' current botnet is estimated to include millions of compromised
computers (around 3.6 million in the United States).  As of October
28, 2009 Zeus has sent out over 1.5 million phishing messages on
Facebook. On November 3, 2009 a British couple were arrested for
allegedly using Zeus to steal personal data.

His blog is here:


About the Speaker:

Billy Rios is currently a security researcher for Google where he
studies emerging security threats and technologies.  Before Google,
Billy was a Security Program Manager at Microsoft where he helped
secure several high profile software projects including Internet
Explorer.  Prior to his roles at Google and Microsoft, Billy was a
penetration tester, making his living by outsmarting security teams,
bypassing security measures, and demonstrating the business risk of
security exposures to executives and organizational decision makers.

Before his life as a penetration tester, Billy worked as an
Information Assurance Analyst for the Defense Information Systems
Agency (DISA). While at DISA, Billy helped protect Department of
Defense (DoD) information systems by performing network intrusion
detection, vulnerability analysis, incident handling, and formal
incident reporting on security related events involving DoD
information systems.  Before attacking and defending information
systems, Billy was an active duty Officer in the United States Marine

As usual, BAHA's website is here:


And we do have a Google calendar for the monthly meetings; it is
linked to from that page.
Effing the ineffable since 1997. | http://www.subspacefield.org/~travis/
My emails do not usually have attachments; it's a digital signature
that your mail program doesn't understand.
If you are a spammer, please email john at subspacefield.org to get blacklisted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://www.noisebridge.net/pipermail/noisebridge-discuss/attachments/20110117/334a396f/attachment.sig>

More information about the Noisebridge-discuss mailing list