05/09 (Tue.) 16:30 - 17:00
LMAO I'm dying :)) - why should I bypass If I can totally shut it off? From token forgery to quarantine AV/EDR into sandbox
Slides link
  • LOCATION | Taipei Nangang Exhibition Center, Hall 2 7F 701C
  • LEVEL | Intermediate
  • SESSION TYPE | Onsite
  • LANGUAGE | Chinese
  • SESSION TOPIC | Endpoint Security, Software Security, APT

Bypassing signature detection is a common, general-purpose hacking technique, eh... but hackers don't really use it anymore - huh? I mean, what? If the hacker can just turn off your whole protection... what's the point of bypassing it ;)

In this session, we will share the new tricks we have observed hackers using in the wild and in the community over the past two years: exploiting flaws in the standard architecture of modern anti-virus products to shut down anti-virus protection completely. We will demonstrate seven new attack strategies: how to forge tokens, disguise sleep mode, exploit driver issues, and even put the anti-virus itself in a sandbox! At the end of the session, we will share the principles behind these attacks to help Blue Team members detect and respond to them early.