Ms. Kathryn Scott
Federal Bureau of Investigation
New York, NY
Abstract: The Gozi Trojan represents one of the most prolific and damaging credential-stealing malware families ever released. Known financial losses due to this malware exceed tens of millions of dollars, and the more than one million victims worldwide include major corporate entities and government agencies. Over the course of a multi-year investigation, the FBI New York Office Cyber Branch gained a thorough understanding of both the technical underpinnings of the Gozi code base and the organized criminal structure of its principal purveyors. This investigative effort has led to the arrest of three individuals alleged to have played critical roles in the architecture, distribution and maintenance of the Gozi malware. In this presentation two of the primary investigators will provide detail concerning the technical architecture of the Gozi malware family and will explain how the FBI New York Office was able to leverage this understanding successfully to indict the alleged conspirators.
Biography: M. Kathryn Scott has served as a Special Agent in the FBI New York Office for five years. Her initial assignment involved investigating high-profile securities fraud matters, where she applied her technical expertise to devise novel investigative techniques. For the past three years she has worked computer intrusion matters, specializing in long-term investigations of large cyber criminal enterprises. Her technical expertise focuses on extracting critical intelligence from large-scale digital evidence collections, and her work has advanced the state of the practice in the FBI. She holds a Bachelor’s Degree in Electrical Engineering from the University of Colorado at Boulder.