Josh Hopkins

Now leading the internal S2 research team, Josh has been an analyst with Team Cymru for the past six years, specialising in the tracking of infrastructure for a diverse target set that includes both nation-state and criminal threat actors. Josh has an extensive background in law enforcement and national security investigations.


Session

02-11
13:15
30min
Bohemian IcedID - Queen of Loaders
Josh Hopkins, Thibault Seret

This talk provides an insight into Team Cymru's tracking of IcedID over the past 24 months, following its transition from banking trojan to all-round loader malware. We will demonstrate how we identify potential bot and loader C2 infrastructure through our network telemetry data, and provide confirmation of these findings through config extraction.

Track 1 - Dragon Suite