黑客在抢劫过程中泄露自拍照：LLM 识别信息窃取者的感染途径并提取入侵指标.pdf

《黑客在抢劫过程中泄露自拍照：LLM 识别信息窃取者的感染途径并提取入侵指标.pdf》由会员分享，可在线阅读，更多相关《黑客在抢劫过程中泄露自拍照：LLM 识别信息窃取者的感染途径并提取入侵指标.pdf（167页珍藏版）》请在三个皮匠报告上搜索。

1、#BHUSA BlackHatEventsBylineHacker Dropping Mid-Heist SelfiesLLM Identifies Information Stealer Infection Vectors and Extracts IoCEstelle Ruellan,Threat Intelligence ResearcherOlivier Bilodeau,Principal Cybersecurity Researcherflare.ioWho Are We?2Olivier BilodeauEstelle RuellanCyber Threat Intelligen

2、ce ResearcherMathematics and Criminology BackgroundFormer student athleteLoves data science,shapes and colorsBaby serial presenter:NorthSec,ShmooCon,Botconf,Hack.lu,eCrime APWG,EUROCRIME15 years cybersecurity industry experiencePrincipal Cybersecurity Researcher at FlareFormer GoSecure,ESET.Founder

3、MontrHackNorthSecs PresidentSerial presenter:DEFCON,BlackHat,SecTor,Botconf,CERT-EU,AtlSecConHonorable mentions:flare.ioAgenda1.The Information Stealer Malware Phenomenon2.Mid-Heist Selfies3.The LLM Pipeline4.Prompt Engineering5.LLM Assessment6.Discriminating IoCs7.Inside the Infostealer Playbook8.S

4、uccessful Campaigns:2 Case Studies9.Strength and Limits10.Conclusionflare.ioAgenda1.The Information Stealer Malware Phenomenon2.Mid-Heist Selfies3.The LLM Pipeline4.Prompt Engineering5.LLM Assessment6.Discriminating IoCs7.Inside the Infostealer Playbook8.Successful Campaigns:2 Case Studies10.Conclus

5、ion9.Strength and Limitsflare.io5The Malware you(may)have never heard of:5What is an Infostealer?Administrative rights NOT required!&No Persistence!User downloads cracked softwareIndividual logs are packaged togetherLog Files are distributed in Telegram ChannelsInfostealer grabs:-credentials-crypto

6、wallets-browser Data Malware is executed on victim computerData exfiltrated to C2 infrastructureflare.io6 6Stealer Log Structurecrazy_cloud_daily.zip78a5g6fdg.zipun347y8erf.zipjnh2389dfv.zipjnkdf89345.zipuni34r893.zipHere is the daily update for Jan 27th!crazy_cloud_daily.zipFrom:Cr4zy Cl0ud 2025!1f