[FIRST Conference Webcast] The Nightmare of Tracking Open-Source Malware: Five Years of Ursnif

 


Ursnif is a relatively complex and full-featured malware family frequently used for both large-scale and targeted attacks. Five years ago, this malware’s source code leaked. Since then, different criminal groups have created a swarm of variants forked from the leaked code, many of them still actively developed today. Free access to the source code of high-quality malware has created a dangerous, asymmetric situation in which developing complex malware costs almost nothing compared to building a successful defense against it. Tracking the development of these many parallel malware projects based on the same source code is an inherently challenging but worthwhile effort.

The in-depth analysis of recent Ursnif variants enabled a case study that answers questions about open-source malware that would otherwise be left to speculation. What are the long-term effects of complex and easily reusable malware source code becoming available to anyone? How do attackers use this source code long-term? What is different in recent variants compared to the leaked code? What defensive techniques are effective against most variants of the malware? What methodology can malware analysts use to identify the subtle differences between malware variants that are based on the same code?

 
