This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Security B-Sides London 2014

29th April 2014 (that’s a Tuesday)
Kensington and Chelsea Town Hall, Hornton Street, London, W8 7NX
View analytic
Tuesday, April 29 • 2:00pm - 2:45pm
Easy Way to Bypass Anti-Virus Systems LIMITED

Sign up or log in to save this to your schedule and see who's attending!

Limited Capacity seats available

Malicious software is all around us. It permeates the Internet by riding on data transmissions. Once you communicate, you risk getting in touch with malware (another name for malicious software). This is why every single one of us, be it individual, company or organisation, runs anti-virus software. The idea is to have specialised software detect malware, so all the bad things are kept out of your network and away from your end-points. So much for the theory. In practice any self- respecting attacker can evade anti-virus filters by a variety of means, depending on their skills and resources. Security researchers know about this fact. Stuxnet and Flame were a proof for sceptics (and a failure of the whole anti-virus industry). How can this be?

All IT security professionals know that antivirus systems can be avoided. However, a few of them knows that it is very easy to do. (If it is easy to do, it's impact is huge!) In this presentation I will, on the spot, fully bypass several antivirus systems using basic techniques! I will bypass: signatures detection, emulation/virtualization, sandboxing, firewalls. How much time (development) is needed for it, for this result? Not more than 15 hours without a cent of investment! If I could do this, anyone can do this... so I think we have to focus to this problem.

Using these easy technique I can create a 'dropper' what can deliver any kind of Metasploit (or anything else) shellcode and bypass several well-know antivirust in real-life and full bypass the VirusTotal.com detection where a detection rate in 0.

In my presentation I use 6 virtual machines and 9 real-time demos. Resulting the audience always have a big fun and surprise when they see the most well-know systems to fall - and the challanges what the AVs cannot solved are ridiculously simple and old. So the IT professionals think too much about the systems which they rely on and which cost so much.


Attila Marosi

Attila Marosi has always been working in information security field since he started working. As a lieutenant of active duty he worked for years on special information security tasks occuring within the SSNS. Newly he was transferred to the just established GovCERT-Hungary, wich is an additional national level in the internationally known system of CERT offices. He has several international certificates such as CEH, ECSA, OSCP, OSCE. During his... Read More →

Tuesday April 29, 2014 2:00pm - 2:45pm
Great Hall The Town Hall, Hornton Street, London W8 7NX