S

CYBER ANALYTICS PROJECTTeam BizzLoc

The Team

Elias Paramo

Kushagra Parikh

Rohit Bhalerao

Rohit Garg

Agenda

Introduction

Research Questions/Hypothesis

Research Design

Findings and Discussions

List of references

Introduction

To discover suspicious behavior

Forums – HackerWeb & Shodan

APIs - Python

Perform analysis & generate trends

Data insights

Research Questions

In Android, there is always someone looking/controlling?

Finding malware samples?

What are the developments of Remote access Trojan?

How common is it to use DOS for revenge purpose?

How to hack Social Media?

How can the MSN account be frozen?

Research Design: Collection

Data Source Hacker Web Shodan

Automated Process Using Python API

Research Design: Analysis

Analytical Tools Used Tableau Spotifire RapidMiner IBM Spss MS – Excel

Different analysis for 6 questions

Q#1: Time Series

Provides trends of how the android hacking market grew

Q#1: Heat Map

Provides snapshot in time of how impactful the different android hacking tools were in hacking community

Q#2: Map Trace

Provides information how reach of malware across different region

Q#3: Map Trace

Provides information how reach of RAT across different region

Q#4: Association Rules

Provides information about Inter-Correlation of words

Q#5: Hacking Trends

Provide time series of how different modes to hack social media grew

Q#6: Hacking Trends

MSN Account freezer(2010)

Account Unfreeze(2010)

Beta version(2011)

Dead zone

200 Id hacked

Provide time series of how MSN account freezer grew

Q#1: Findings & Discussions

Android RAT Developed by David Most impact

Cryptoid Cipher or Decipher messages Multiple Algorithms: Caesar, Polybius

Ratroid: Android RAT in French

Zero-day flaw in 2010

Q#2: Findings & Discussions

December 2006 Increase in malware signatures 250K to 500K

Use warez tools Trojan DIY programs, worms Develop and release new version of code

Apple products targeted

Q#3: Findings & Discussions

Schwarze Sonne RAT Language - Delphi Servers connect fast, Open source

Cerberus RAT Not stable

Q#4: Findings & Discussions

DDOS tools GoodBye 5.0 Shell Booter NuclearDDosser DeStROY

Q#5: Findings & Discussions

0-day exploit Hack Facebook mail In 2010

Use Proxy Cracker To crack Yahoo account Time consuming process

Q#6: Findings & Discussions

Tool to freeze MSN accounts Introduced in 2010 Capability of MSN hacking, killer, elite flood

Reported frozen 200 ids In 2012

List of References

http://www.bizcommunity.com/Article/196/661/109895.html

http://www.cnn.com/2011/TECH/mobile/03/02/google.android.hack/

http://www.itworldcanada.com/article/first-rat-binders-for-android-surfacing/82879

https://github.com/RobinDavid/androrat changed

https://github.com/wcb972/androrat

http://www.th.freelancer.com/work/androrat-work/1/

http://www.filecrop.com/

List of References (Contd.)

http://sharedigger.com/

showthread.php@9099-REL-Schwarze-Sonne-RAT-1-0_2Fpage2

showthread.php@9052-DarkComet-RAT-V2-0-RC7-_2AFIX_2A

showthread.php@9042-Cerberus-Rat-1-03-5-Beta_2Fpage7

showthread.php@12043-Pandora-RAT-V0-1-Tester-Verison

showthread.php@11514-BlackNix-RAT-v1-1

showthread.php@11417-Pytho-R-A-T-1-4-Developer-Preview

List of References (Contd.)

showthread.php@11030-Next-Generation-R-A-T

http://blogs.edweek.org/edweek/DigitalEducation/2013/09/cyber_attacks_on_school_networ.html

http://www.coe.int/t/dghl/cooperation/economiccrime/cybercrime/Documents/Reports-Presentations/567%20study1-d-provisional%20_13%20Mar%2008.pdf

http://www.mediafire.com/?yl31y2onkn5

http://www.mediafire.com/?kzazwdxyowy

Summary

Introduction

Research Questions/Hypothesis

Research Design

Findings and Discussions

List of references