Thibault Seret

Thibault Seret is a researcher on the Team Cymru Research Team. He is
currently focusing on crimeware and APT analysis and research, reverse engineering
and threat intelligence, and trying to fight against bad guys. Before joining Team
Cymru, he worked as a Threat Researcher in McAfee’s ATR team, as a cybercrime
analyst in a banking institution with the mission to improve the digital forensics
department, and as a CERT analyst at an IT services company where he tried to save
the world with his teammate. He participates a lot in the security community and
CTF competitions and is a teacher for the new generation of cyber defenders. For
the Alliance!


Session

02-11
13:15
30min
Bohemian IcedID - Queen of Loaders
Josh Hopkins, Thibault Seret

This talk provides an insight into Team Cymru's tracking of IcedID over the past 24 months, following its transition from banking trojan to all-round loader malware. We will demonstrate how we identify potential bot and loader C2 infrastructure through our network telemetry data, and provide confirmation of these findings through config extraction.

Track 1 - Dragon Suite