Goodbye Memory Scraping Malware: Hold Out Till "Chip And Pin"

Presented at DEF CON 23 (2015), Aug. 7, 2015, 11 a.m. (60 minutes)

Proof of concept for stopping credit card theft in memory skimming operations . Alternative methods of stopping credit card skimming

I am leading project on Free Open Source software that attacks POS skimming malware. Launching platform and concept for stores to not be low hanging fruit In effect making it no longer possible to sell credit card numbers from skim breaches. Better collection of forensic data with cannery features (such as putting flagged card into memory so if it is skimmed it will be flagged at processor and catch the breaches much faster)Injects 1-500 false random CC numbers for every one legitimate CC number that is entered. In effect making stolen credit card batches harder to sell. I will go in detail of how criminals Steal and sell credit cards at this time. This is a software for making credit cards numbers harder to steal in the methods that have been happening in larger breaches Target, Home Depot.


Presenters:

  • Weston Hecker - SR Pentester, Sr Systems Security Analyst at "KLJ Securityā€¯
    10 Years Pen-testing, 11 years security research and programming experience. Working for a security Company in the Midwest, Weston has recently Spoken at DEF CON 22 and over 40 other speaking engagements from telecom regional events to Universitys on security subject matter. Working with A major University's research project with Department of Homeland Security on 911 emergency systems and attack mitigation. Attended school in Minneapolis Minnesota. Computer Science and Geophysics. Co-Author of "SkimBad" Anti-malware framework Found several vulnerability's in very popular software and firmware. Including Microsoft, Qualcomm, Samsung, HTC, Verizon.

Links:

Similar Presentations: