Teaser
Description
Modern infostealer malware has evolved far beyond simple credential collectors into sophisticated tools that capture the complete digital footprint of their victims. In this in-depth technical analysis, we unveil groundbreaking research into the architecture of this malware, its attack chains and defensive countermeasures. Through the study of real-life compromise scenarios, including desktop screenshots taken at the time of infection, we show how malicious actors exploit compromised ad networks and Trojanized software for mass distribution.
Drawing on hands-on experience analyzing infostealer logs, we detail how these modern threats bypass multi-factor authentication, compromise (or not) password managers and mine cryptocurrency wallets. We also examine Chrome’s recent countermeasure (application-bound encryption) and explain why, although already bypassed, it offers new detection opportunities.
The session concludes with concrete defensive strategies and the release of two community resources: a PowerShell script for automatically testing credentials against Entra ID, and a set of infostealer logs carefully selected for security research.
This presentation provides cybersecurity professionals with in-depth knowledge and practical tools for defending against one of the most significant, yet under-researched, threats today.
About the speaker
Olivier Bilodeau

Olivier Bilodeau, Principal Researcher at Flare, has over 15 years of leading-edge expertise in computer security, particularly in the fields of honeypot operations, malware reverse engineering and RDP interception. A passionate communicator, Olivier has spoken at prestigious events such as BlackHat USA, DEFCON, HackFest, Botconf, SecTor, Derbycon and many others. Committed to his community, he co-founded MontréHack, chairs NorthSec and hosts his Hacker Jeopardy.