While the threat of Linux malware grows, its complexity is often overestimated: many samples lack sophisticated obfuscation, which makes them well suited to automated analysis. This talk introduces a methodology that integrates Large Language Models (LLMs) directly into the reverse engineering workflow. We will demonstrate how to pair an LLM with a disassembler to automate the analysis of Linux binaries, generating detailed functional reports in minutes. Attendees will gain practical techniques for applying AI to faster, more efficient threat hunting, enabling them to uncover the inner workings of Linux malware far more quickly than manual analysis alone allows.
Remco is a Principal Security Researcher at Elastic’s Security Labs, specializing in reversing and analyzing malware, particularly in the Linux domain. With a rich background as a forensic investigator for the Dutch Police, he brings a unique blend of law enforcement and cybersecurity expertise. At Elastic, Remco focuses on dissecting malware families, contributing to the development of innovative security strategies. His work is integral in understanding and mitigating emerging cyber threats, leveraging his extensive experience in digital forensics and threat analysis.