Ingress Egress: The emerging threats posed by augmented reality gaming.

Presented at BSidesLV 2016, Aug. 2, 2016, 6 p.m. (60 minutes)

Augmented reality gaming's first breakout hit has millions of players, and a "game board" that spans the globe, so why are so many fans of Ingress, published by Google spinoff Niantic Labs, unhappy? In brief, it comes down to an exploitable game infrastructure, an active community of people designing and building tools to exploit that infrastructure, and a massive player base that doesn't realize how vulnerable they are. This session will reveal weaknesses in the game's communication infrastructure that have enabled people to build tools and services specifically for the purposes of harassment, cheating, and to track the movements and locations of players. We'll also tear apart a commercially-available game bot and reveal how the bot exploits vulnerabilities in the app to permit bot users to engage in antisocial behavior and destroy the cohesion of a three-year-old player community that spans the globe.

Presenters:

• Andrew Brandt / Spike - Director of Threat Research - Blue Coat Systems   as Andrew Brandt
  Andrew Brandt is the Director of Threat Research for Blue Coat Systems and runs a malware research lab in which malware behavior is monitored and recorded, both on infected endpoints and over the networks used to communicate, in order to facilitate comprehensive retrospective analysis. Prior to his work in infosec, he was a tech journalist and investigative reporter with a focus on issues surrounding online privacy and digital security.

Links:

• https://bsideslv2016.sched.com/event/7azZ/ingress-egress-the-emerging-threats-posed-by-augmented-reality-gaming

Similar Presentations:

• HOPE X (2014) / The Hidden World of Game Hacking
• AppSec USA 2015 / Game of Hacks: The Mother of All Honeypots
• Notacon 8 (2011) / Tabletop Game Design 101: Idea to Reality