BSidesSF 2018 has ended
Back To Schedule
Sunday, April 15 • 1:30pm - 2:00pm
Netrepser – A JavaScript targeted attack

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
The discovery of Stuxnet in a uranium enrichment facility in Natanz opened a new era in tactical military operations. For seven years, advanced espionage and sabotage operations have been carried out with the help of extremely complex code written especially for the job, and then discarded.

The Netrepser threat we have analyzed and documented in the following pages is the exact opposite: a complex, targeted malware framework that, unlike a military-grade APT, is “stitched together” with freeware utilities to carry a complex job through to completion. The approach the team behind Netrepser took is extremely unusual for an espionage campaign: they play the simplicity card to better blend in with the environment, even at the cost of triggering alarms.

Netrepser is the perfect example of a very advanced espionage tool used to target a number of high-profile institutions and exfiltrate information in a novel way. We have isolated and dissected it to better understand its early stages, its communication techniques and, ultimately, its impact on the victim’s data.


Cristina Vatamanu

Senior Team Lead, Cyber Threat Intelligence Lab, Bitdefender
Cristina Vatamanu graduated from the Faculty of Computer Science at the University of 'Gheorghe Asachi'. She has been working with the same Global Security Vendor for almost eight years. Some of her responsibilities (and hobbies) include reverse engineering, exploit analysis, and... Read More →

Sunday April 15, 2018 1:30pm - 2:00pm PDT
City View - Presidio