AVAR 2009 Conference in Kyoto

The AVAR 2009 Conference was held in the historical city of Kyoto, Japan from November 5. As this year's trend is cloud computing, fake antivirus software and massive PDF file attacks, the cloud and PDF topics were covered in the conference.

We had several Japan-specific sessions. Some delegates from the Japanese ministries and governmental agencies spoke about their tasks and statistics on cyber crimes. As with other nations, Japan has its own specialty in computer usage and malware, such as wide-spread usage of the peer-to-peer software called Winny and the related malware W32.Antinny and a destructive Trojan horse Trojan.Haradong that was discovered in the Winny network (the creator was eventually arrested). Another trend in Japan is the so-called one-click billing fraud, where a Trojan.Hachilem-like Trojan horse is used  to show an annoying billing screen of an adult site until the user sends money and gets the code from the service provider. Mr. Kagaya of the Information-Technology Promotion Agency, Japan, talked about one-click billing fraud in depth.

I also made a technical speech about the collection of obfuscated API calls found in Windows environments, entitled, "A Museum of API Obsufucation on Win32." I spoke about the same topic at PacSec 2009 held in Tokyo on November 4, a day before AVAR.