FireEye Sets The Agenda For Winning The War Against Web Malware

February 4, 2009 at 12:00 AM EST

Milpitas, California - Feb 4, 2009 – FireEye, Inc., the leader in global anti-malware and anti-botnet protection, continues to set the agenda for winning the war against stealthy Web malware, leading discussions at key industry events to help organizations detect and protect against infiltration. Dr. Stuart Staniford, chief scientist at FireEye, will be presenting "Web Malware Tech: Obfuscation and Other Evasion Technologies" at the Internet2 Joint Techs Workshop on Wednesday, February 4, 2009. Julia Wolf, senior security researcher at FireEye, will be discussing "The Day Spam Stopped (The Srizbi Botnet Takedown)" on Friday, February 6, 2009 at ShmooCon 2009. Alex Lanstein, senior security researcher at FireEye, will discuss FireEye's botnet discovery process and key findings in a working group at the ICANN/GTISC Global DNS Security, Stability, and Resiliency Symposium being held February 3-4, 2009. He has also been accepted to discuss the Srizbi botnet takedown at CarolinaCon, being held March 13-14, 2009.

"Cyber criminals continue to penetrate corporate networks using increasingly complex, stealthy malware that leverages mainstream applications and channels to compromise machines and build global botnets," said Dr. Stuart Staniford, chief scientist, FireEye, Inc. "For many organizations, Web communications is business critical, yet it is increasingly difficult to detect and protect against Web malware intrusions. By illuminating infection and evasion techniques and exposing popular attack vectors, FireEye helps organizations fortify their cyber crime defenses."

Dr. Staniford's presentation on "Web Malware Tech: Obfuscation and Other Evasion Technologies" at the Internet2 Joint Techs Workshop will focus on the increasing criminal sophistication of Web malware which is designed to rob organizations of critical data and resources while evading detection and analysis. Cyber criminals conceal their attacks through a blend of threats such as phishing spam containing URLs that load Web pages laced with obfuscated code. Nearly all serious Web malware infections use obfuscation to infiltrate the unprotected port 80. In this session, attendees will learn about Web malware infection techniques that are aiding cyber criminals and presenting challenges to IT security professionals. Topics will include polymorphic JavaScript, malicious Web sites that only attack targeted IP addresses, and malware integrity checking and authentication.

In the fall of 2008, San Jose-based hosting provider McColo was shut down for illegally hosting command and control servers (C&C) for some of the world's largest botnets including Srizbi, Rustock and others. The 75 percent drop in spam that immediately ensued was staggering, and experts estimated Srizbi alone was responsible for about 50 percent of all the spam on Earth. At ShmooCon 2009, Julia Wolf's session titled "The Day Spam Stopped (The Srizbi Botnet Takedown)" will examine the incidents surrounding the infamous Srizbi botnet shutdown. Ms. Wolf will discuss how FireEye was able to gather and leverage critical botnet intelligence about Srizbi's design and contingency structure to hijack the botnet.

The McColo incident revealed significant intelligence regarding botnet activity, command & control (C&C) infrastructures, and cyber criminal methodologies. Alex Lanstein will discuss FireEye's discovery process and key findings in a working group at the ICANN/GTISC Global DNS Security, Stability, and Resiliency Symposium being held February 3-4, in Atlanta, Ga. He has also been accepted to discuss the Srizbi botnet takedown at CarolinaCon, being held March 13-14, 2009 in Chapel Hill, N.C. For more information, please visit http://www.carolinacon.org/

About FireEye's Session at the Internet2 Joint Techs Workshop

Dr. Stuart Staniford will present "Web Malware Tech: Obfuscation and Other Evasion Technologies" on Wednesday, February 4, 2009, 8:50-9:10 a.m. at the Internet2 Joint Techs Workshop being held from February 1-5, 2009 at the Texas A&M University Memorial Student Center in College Station, Texas. For more information, please visit http://jointtechs.es.net/texas2009/

About FireEye's Session at ShmooCon 2009

Julia Wolf will present "The Day Spam Stopped (The Srizbi Botnet Takedown)" on Friday, February 6, 2009, 5:00 p.m. at ShmooCon 2009 being held from February 6-8, 2009 at the Wardman Park Marriott, Washington D.C. For more information, please visit http://www.shmoocon.org/presentations.html

About the FireEye Solution

The FireEye security appliances and FireEye Malware Analysis & Exchange (MAX) Network service together provide comprehensive anti-malware and anti-botnet protection. FireEye appliances use virtual victim machines to analyze enterprise networks for Web-malware and related bot activities on compromised machines. The FireEye MAX Network is a globally deployed malware discovery and analysis service that provides subscribers with the most current botnet and Web malware intelligence to complement on-premise anti-malware security appliances. It catalogs and disseminates security intelligence such as the inbound attack vector as well as the outbound call-back channels used to steal data. This is all derived from malware analyses which are conducted by interconnected networks of FireEye security appliances selectively deployed at service providers around the world. FireEye's solution offers the industry's first complete global and local anti-malware protection to precisely identify, understand, and stop emerging botnet and Web malware threats.

About FireEye, Inc.

FireEye, Inc. is the leader in anti-malware and anti-botnet protection, enabling organizations to protect critical intellectual property, computing resources, and network infrastructure against Web malware and botnet infiltration. Today's most damaging attacks are perpetrated through Web malware that forms into highly organized botnets, or networks of remotely controlled, compromised machines. FireEye delivers a complete solution that is designed from the ground up to detect and protect organizations from advanced Web malware and botnets through global and local intelligence and analysis. The company is backed by Sequoia Capital, Norwest Venture Partners, JAFCO, SVB Capital, DAG Ventures, and Juniper Networks. For more information, contact (408) 321-6300 or email: info@fireeye.com.

###

©2006-2009 FireEye, Inc. All rights reserved. FireEye and the FireEye logo are registered trademarks of FireEye, Inc. in the United States and/or other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.