[HITCON 2017] The Dawn of AV Self-Protection

This talk was presented at HITCON on August 24, 2017.


This talk consists of two parts. We first discuss how malware bypassed AV in the past, and then share our findings on attack vectors in the AV self-protection feature that malware could leverage to disable the protection of security products. The emergence of the Dridex malware drove us to this topic, which was first mentioned in the blog post published last year.

References

https://blog.fortinet.com/2016/08/04/new-era-in-anti-virus-detection-evasions