Presented at ekoparty 14 (2018)
Sept. 26, 2018, 4:50 p.m.
In this opportunity, we will use Google Earth as attacking vector through KMZ files. A KMZ is a type of compressed file that contains KML files (Keyhole Markup Language) inside. Besides, KML is a type of KML note used to add geographic information related to maps based on the internet, such as Google Maps. A KML file can include locations, images, marcs, 3D model and text descriptions. These type of files are a good format to spread Malware. Its spreading would be very easy, since it's not a suspicious file format as executable, for example. Furthermore, it makes it difficult to detect the malicious code on its inside due to its compression.
There will be three key points during this talk:
Google Account take-over
Code Execution (shell)
Fabián Cuchietti currently works as CTO in Coltan Security. He has a long trajectory and vast experience in informatics security, both at a local and international level, he reached to be speaker in international conferences, thanks to his research with an added value for cybersecurity. Fabián owns a technical as well as theoretical profile, he is Pentesting specialist, which places him in the Top 100 Google Hall of Fame.