Presented at
DEF CON 30 (2022),
Aug. 13, 2022, 4:30 p.m.
(45 minutes).
The rise of the machines.
Whenever you are buying online, especially if it’s a limited stock item, you are competing against Bots and lose miserably. Even when you are asleep, there’s a 14% chance that a bot trying to log into one of the 200+ digital accounts you own.
Your mom called to say someone from her bank ask for 4 digit SMS? It was an OTP bot.
Malicious automation is here to stay as it serves tens of thousands of hackers and retail scalpers and drives billions of dollars worth of marketplaces.
During my talk, we will deep dive into the most fascinating architecture, business modules, and techniques top-performing of account crackers and retail bots use to maximize their success rate and revenue.
Presenters:
-
Arik
- Threat Intelligence Researcher
For the last four years, Arik spent most of his time on darknet and deep web marketplaces, hunting threat intelligence and interacting with hackers under 64 identities.
As a Threat Intelligence Researcher at Human Security Inc, Arik trades cracking tools and executes multiple honeypot operations that provide valuable intelligence about web-automated attacks and their actors. Arik's research focuses primarily on retail bots, NTF bots, and account take-over vectors: brute-force and cookie infostealers.
Previously, Arik worked as the first Threat Researcher at BrightData (Formally Luminati networks). Between 2018 and 2020, Arik was responsible for investigating, limiting, and blocking 50K$/Month+ clients that misused the Brightdata residential proxy network for cyberattacks. Analyzing the proxy server logs exposed him to complex fraud operations - from the attacker's perspective.
As a proxy network gatekeeper, he investigated and enticed app-sec hackers to share their pain points, hacking mindsets, and techniques, information He leverages in his current role at Human Security Inc when researching relevant attack groups and increasing the accuracy of the company's products.
Links:
Similar Presentations: