Talesh Seeparsan - The Hound of the Malwarevilles
“WE STRONGLY ENCOURAGE
YOU TO TAKE REMEDIATIVE
MEASURES NOW…”
“..ALL CURRENT FRAUD
ANALYSIS INDICATORS
IDENTIFY YOUR SITE…”
DATA PROCESSOR?
DATA CONTROLLER?
SUPERVISORY AUTHORITY?
ASSUMPTIONS
• 1. You have an existing relationship with the merchant
• 2. You don’t have an existing Incident Response plan
• (Hint: template at https://github.com/talesh/response)
MANAGE YOUR MERCHANT FIRST!
RISK
EGO
CONFIDENCE
START AUDIT TRAIL
MAINTAIN FORENSIC INTEGRITY
ROBOT TASKS
• ClamAV
• Magento Malware Scanner (https://magesec.org)
• Magento Security Scanner
• MageReport
• Diff/ Git Diff
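The "Diff / Git Diff" task above, shown as an added example that is not from the slides: a read-only comparison of a suspect webroot against a known-good copy by SHA-256, so the tree under investigation is never modified. The function names and the sample file names are constructed for the illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the slides): diff a suspect webroot against a
# known-good copy by content hash, without modifying either tree.

# manifest DIR -> "sha256  ./relative/path" per regular file, sorted by path
manifest() {
  ( cd "$1" && find . -type f -print0 | LC_ALL=C sort -z | xargs -0 -r sha256sum )
}

# compare_trees GOOD SUSPECT -> one "ADDED|MODIFIED|REMOVED path" line per difference
compare_trees() {
  local good suspect
  good=$(mktemp); suspect=$(mktemp)
  manifest "$1" > "$good"
  manifest "$2" > "$suspect"
  awk '
    { hash = substr($0, 1, 64); path = substr($0, 67) }  # 64 hex chars + 2 separators
    FILENAME == ARGV[1] { known[path] = hash; next }     # first file: known-good hashes
    { seen[path] = 1 }
    !(path in known)    { print "ADDED " path; next }
    known[path] != hash { print "MODIFIED " path }
    END { for (p in known) if (!(p in seen)) print "REMOVED " p }
  ' "$good" "$suspect" | LC_ALL=C sort
  rm -f "$good" "$suspect"
}

# Constructed sample trees: file names and contents are made up for the demo.
demo() {
  local work; work=$(mktemp -d)
  mkdir -p "$work/good/app" "$work/live/app" "$work/live/media"
  echo '<?php echo "checkout";' > "$work/good/app/checkout.php"
  echo '<?php echo "index";'    > "$work/good/app/index.php"
  echo 'body { margin: 0 }'     > "$work/good/app/site.css"
  cp "$work/good/app/index.php" "$work/live/app/index.php"
  echo '<?php echo "checkout"; /* changed */' > "$work/live/app/checkout.php"
  echo 'unexpected file' > "$work/live/media/cache.php"
  compare_trees "$work/good" "$work/live"
  rm -rf "$work"
}

demo
```

Run it against a copy or read-only mount of the suspect tree and keep the output with the audit trail.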
THE VAST MAJORITY OF MALWARE
IS SKIMMING FOR CREDIT CARDS
MALWARE CAN DETECT
• Testing domains
• IP Address of site
• Chrome Dev tools/Firebug open (even undocked!)
• PhantomJS, Selenium etc
• Content Security Policy
MALWARE CAN EXIST IN:
• Filesystem
• Database data
• Triggers in database
• Deeper….
FIX, TEST, TEST AGAIN
WHAT NEXT?
MERCHANT REPORTS ARE IMPORTANT
TIME TO START CRAWLING LOGS
• ack / grep
• Graylog
• Internet Archive
• Deeper….
ON THE HUNT FOR
• Initial Vector of Attack
• Timeframe of compromise
ANOTHER REPORT
MERCHANT REPORTS ARE IMPORTANT
REPORT MALWARE
• Signatures to
• Magereport
• Magento Security Scanner
• Magento Malware Scanner
• Malware Domains to
• Google Safe Browsing project
• ClamAV
PROACTIVE MEASURES
• Select your people
• Build your processes
• For more information message me
• @_Talesh on Twitter
SET UP AN INCIDENT RESPONSE PLAN
• https://github.com/talesh/response
• https://tale.sh/mm18it
THANK YOU!
