
About the Author:

Mr. Chong Rong Hwa is a malware analyst working for the Infocomm Development Authority (IDA) of Singapore, where he leads an anti-malware team that supports the SingCERT and Singapore Government IT Security Incident Response teams. The role requires him to research malware techniques and capabilities in depth through reverse engineering, including shellcoding, infection vectors, encryption algorithms, and persistence and stealth techniques. His SANS GREM gold paper, “Detailed Analysis of Sykipot (Smartcard Proxy Variant)”, demonstrates some of these skill sets. A passionate IT security analyst, he also teaches a Malware Analysis course (for the Diploma in Information Security) at Nanyang Polytechnic (Singapore) as a part-time lecturer, to nurture and spur interest in young talents to further contribute to the IT security domain. This passion is further seen in his participation in the Honeynet Project (Singapore Chapter) and the National Infocomm Competency Framework (NICF) Technical Committee & Expert Panel. To share knowledge, tips and techniques, as well as other insights relating to government-specific threats, he has also founded the Malware Analysis Interest Group (MAG), a group exclusively for Singapore government security agencies. Given his strong technical background, he is additionally engaged as a penetration tester in the following areas: penetrating systems and web applications using manual analysis techniques and automated scanning tools; performing source code review (targeting important application modules); identifying cryptographic flaws in custom protocol formats; writing Metasploit encoding modules to evade IDS/IPS or anti-virus software; and developing custom scripts to exploit a targeted system or service.

NGR Rootkit

A Chat With NGR Bot

Executive Summary

NGR Bot (also known as Dorkbot) was found, on examination, to be a user-mode rootkit that could be remotely controlled via the Internet Relay Chat (IRC) protocol. It was […]