SlideShare ist ein Scribd-Unternehmen logo

DEF CON 23 - Weston Hecker - goodbye memory scraping malware

•
•
Felipe Prado
Felipe Prado

DEF CON 23 - Weston Hecker - goodbye memory scraping malware

Technologie
1 von 35
Downloaden Sie, um offline zu lesen
Goodbye Memory Scraping Malware Hold Out Till "Chip And Pin”. Weston Hecker Security Expert With KLJ Systems Network Analyst/Penetrations Tester/President Of Computer Security Association Of North Dakota #westonhecker #skimbadsoftware
Who Am I What Do I Do What's the Talk About, • About Me: Speaker at Defcon 22 Tons of Computer Certs, Computer Science/Geophysics • About 11 years pen-testing, security research , Spoke at Defcon 22 Las Vegas on Burnerphone DDOS • NERC, FFIEC, FISMA/NIST, ISO, GLBA and FDIC, Compliance audits HIPAA, Omnibus, • Wrote custom exploits for obscure Internet service provider gear and PMS software. • Tools of the trade “Fleet of Fake I phones” And now android variance. • Co-writer of Skimbad Software Open source anti malware skimming software OPEN SOURCE. This talk today will be going of this new concept of protecting Data • Pentesting for a living everything from banks, hospitals and ISP in the Mid-west. I live and work in North Dakota • Security projects including Reverse engineering of malware and tracking software. Working on 911 Attack mitigation projects.
TEENSY 3.1 Container!!! Build Your Own There Awesome !!! Hit me up on Twitter or E-mail me.
START THE DEMO !!! • This will Run while I speak • We will check the number at the end of the Presentation • The Graphical demonstration version is available on Skimbad.com • Source Code and EXE are Available on GitHub
The problem of Data skimming malware/ Large Profile cases
Why do people skim data / how much does it cost
Why do people skim data / how much does it cost
how its sold/used to defraud
how its sold/used to defraud • Carding/ Ordering things online • Duplicating cards and using them in stores. • ATM Cashout runs / Pin Skimmed Data. • Theft of resources / Gas Food. • Theft of online services or Licenced materials / Digital Movies /subscriptions to sites. • Using Card data to transfer money WU runs.
How batches of data are ex-filtrated and sold
How batches of data are ex-filtrated and sold • USB devices used to jump “Air” gapped or tighter security • Use if spearfishing campaigns • Software is loaded on to systems by classic hacking methods USB, HID. • Batches are pull to servers most of the time using POST requests every time a card is found in memory the malware sends the data to a Dump • Dumps are complied by BIN number and sold on carding pages price is determined by the banks usual Point of Sale and Debit limit. • The validity rate is how many cards out of a 100 will work . Most batches sold on proper carding forums are 98% plus • Two year old Target breach still has about a 10% validity Rate.
Initial POS terminal is breached and malware is loaded
As cards are swiped they now are send to a Server where they will be sold online.
For the demonstration this all will be ran on one computer normally the POS is separate from the card catching Server.
How does malware tell credit card data from other data
Most Search Memory Using Custom Search Algorithms
Other uses EX. Malware research
II. The approach to stopping Breaches / the tool
what currently exists to stop skimming/data exfiltration
how this concept would make batches unusable
how are random credit cards made what are Bins
How random card numbers are made
How it makes random names.
Honeypot card numbers to let them know breach has occurred.
Anti-keystroke Catching
III. How will malware evolve and how we will stay on top of it
Malware gets smarter and detects BINs from area and other methods
watch dog portions (protection from malware)
How to make batches look real
The Legitimate Credit Cards are Covered with Fakes
How to make fake batches (unscrubable no reversing of process)
Will Chip/Pin stop skimming ?
Software is Open Source Free Help make it better There is no reason that this concept should not be built into every POS system
Conclusions: Thanks for Listening Questions Concerns? Special Thanks to: Tim Swartz, My Family, My Work Defcon Crew for approving my topic. Contact Information •Weston Hecker •Weston@skimbad.com •www.skimbad.com •Twitter @westonhecker @skimbadsoftware.

Empfohlen

Anomaly Detection and You
Anomaly Detection and YouAnomaly Detection and You
Anomaly Detection and YouMary Kelly Rich
 
Digital Forensics Workshop
Digital Forensics WorkshopDigital Forensics Workshop
Digital Forensics WorkshopTim Fletcher
 
Computer Forensics: You can run but you can't hide
Computer Forensics: You can run but you can't hideComputer Forensics: You can run but you can't hide
Computer Forensics: You can run but you can't hideAntonio Sanz Alcober
 
N.sai kiran IIITA AP
N.sai kiran IIITA APN.sai kiran IIITA AP
N.sai kiran IIITA APsai Nagaragiri
 
Technical Challenges in Cyber Forensics
Technical Challenges in Cyber ForensicsTechnical Challenges in Cyber Forensics
Technical Challenges in Cyber ForensicsOllie Whitehouse
 
Computer crimes and forensics
Computer crimes and forensics Computer crimes and forensics
Computer crimes and forensics Avinash Mavuru
 
SACON - Deception Technology (Sahir Hidayatullah)
SACON - Deception Technology (Sahir Hidayatullah)SACON - Deception Technology (Sahir Hidayatullah)
SACON - Deception Technology (Sahir Hidayatullah)Priyanka Aash
 
Ed McCabe - Putting the Intelligence back in Threat Intelligence
Ed McCabe - Putting the Intelligence back in Threat IntelligenceEd McCabe - Putting the Intelligence back in Threat Intelligence
Ed McCabe - Putting the Intelligence back in Threat Intelligencecentralohioissa
 

Empfohlen

Anomaly Detection and You
Anomaly Detection and YouAnomaly Detection and You
Anomaly Detection and YouMary Kelly Rich
 
Digital Forensics Workshop
Digital Forensics WorkshopDigital Forensics Workshop
Digital Forensics WorkshopTim Fletcher
 
Computer Forensics: You can run but you can't hide
Computer Forensics: You can run but you can't hideComputer Forensics: You can run but you can't hide
Computer Forensics: You can run but you can't hideAntonio Sanz Alcober
 
N.sai kiran IIITA AP
N.sai kiran IIITA APN.sai kiran IIITA AP
N.sai kiran IIITA APsai Nagaragiri
 
Technical Challenges in Cyber Forensics
Technical Challenges in Cyber ForensicsTechnical Challenges in Cyber Forensics
Technical Challenges in Cyber ForensicsOllie Whitehouse
 
Computer crimes and forensics
Computer crimes and forensics Computer crimes and forensics
Computer crimes and forensics Avinash Mavuru
 
SACON - Deception Technology (Sahir Hidayatullah)
SACON - Deception Technology (Sahir Hidayatullah)SACON - Deception Technology (Sahir Hidayatullah)
SACON - Deception Technology (Sahir Hidayatullah)Priyanka Aash
 
Ed McCabe - Putting the Intelligence back in Threat Intelligence
Ed McCabe - Putting the Intelligence back in Threat IntelligenceEd McCabe - Putting the Intelligence back in Threat Intelligence
Ed McCabe - Putting the Intelligence back in Threat Intelligencecentralohioissa
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer ForensicsNeilg42
 
Jerod Brennen - What You Need to Know About OSINT
Jerod Brennen - What You Need to Know About OSINTJerod Brennen - What You Need to Know About OSINT
Jerod Brennen - What You Need to Know About OSINTcentralohioissa
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentationSomya Johri
 
Cyber Threat Intel : Overview
Cyber Threat Intel : OverviewCyber Threat Intel : Overview
Cyber Threat Intel : OverviewDeepak Kumar (D3)
 
Introduction To Computer Security
Introduction To Computer SecurityIntroduction To Computer Security
Introduction To Computer SecurityVibrant Event
 
Cyber Forensics & Challenges
Cyber Forensics & ChallengesCyber Forensics & Challenges
Cyber Forensics & ChallengesDeepak Kumar (D3)
 
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...Abhinav Biswas
 
Touring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Touring the Dark Side of Internet: A Journey through IOT, TOR & DockerTouring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Touring the Dark Side of Internet: A Journey through IOT, TOR & DockerAbhinav Biswas
 
I want to be a cyber forensic examiner
I want to be a cyber forensic examinerI want to be a cyber forensic examiner
I want to be a cyber forensic examinerNeeraj Aarora
 
Computer forensic
Computer forensicComputer forensic
Computer forensicSinggih Prasetya
 
Cyber forensic investigation & Analysis
Cyber forensic investigation & AnalysisCyber forensic investigation & Analysis
Cyber forensic investigation & AnalysisAnshul Tayal
 
Hacking and Types of Hacker.
Hacking and Types of Hacker.Hacking and Types of Hacker.
Hacking and Types of Hacker.Coder Tech
 
Dark - Side of Internet of Things (IOT)
Dark - Side of Internet of Things (IOT)Dark - Side of Internet of Things (IOT)
Dark - Side of Internet of Things (IOT)Abhinav Biswas
 
Digital forensics and Cyber Crime: Yesterday, Today & Tomorrow
Digital forensics and Cyber Crime: Yesterday, Today & TomorrowDigital forensics and Cyber Crime: Yesterday, Today & Tomorrow
Digital forensics and Cyber Crime: Yesterday, Today & TomorrowPankaj Choudhary
 
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...Tech and Law Center
 
Cyber forensics 02 mit-2014
Cyber forensics 02 mit-2014Cyber forensics 02 mit-2014
Cyber forensics 02 mit-2014Muzzammil Wani
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic pptOnkar1431
 
Digital forensics intro 20151123
Digital forensics intro 20151123Digital forensics intro 20151123
Digital forensics intro 20151123Kevin Schlottmann
 
Hacking
HackingHacking
HackingPurohit Rock
 
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009ClubHack
 
Wfh security risks - Ed Adams, President, Security Innovation
Wfh security risks - Ed Adams, President, Security InnovationWfh security risks - Ed Adams, President, Security Innovation
Wfh security risks - Ed Adams, President, Security InnovationPriyanka Aash
 
Security in the News
Security in the NewsSecurity in the News
Security in the NewsJames Sutter
 

Weitere ähnliche Inhalte

Was ist angesagt?

Computer Forensics
Computer ForensicsComputer Forensics
Computer ForensicsNeilg42
 
Jerod Brennen - What You Need to Know About OSINT
Jerod Brennen - What You Need to Know About OSINTJerod Brennen - What You Need to Know About OSINT
Jerod Brennen - What You Need to Know About OSINTcentralohioissa
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentationSomya Johri
 
Cyber Threat Intel : Overview
Cyber Threat Intel : OverviewCyber Threat Intel : Overview
Cyber Threat Intel : OverviewDeepak Kumar (D3)
 
Introduction To Computer Security
Introduction To Computer SecurityIntroduction To Computer Security
Introduction To Computer SecurityVibrant Event
 
Cyber Forensics & Challenges
Cyber Forensics & ChallengesCyber Forensics & Challenges
Cyber Forensics & ChallengesDeepak Kumar (D3)
 
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...Abhinav Biswas
 
Touring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Touring the Dark Side of Internet: A Journey through IOT, TOR & DockerTouring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Touring the Dark Side of Internet: A Journey through IOT, TOR & DockerAbhinav Biswas
 
I want to be a cyber forensic examiner
I want to be a cyber forensic examinerI want to be a cyber forensic examiner
I want to be a cyber forensic examinerNeeraj Aarora
 
Cyber forensic investigation & Analysis
Cyber forensic investigation & AnalysisCyber forensic investigation & Analysis
Cyber forensic investigation & AnalysisAnshul Tayal
 
Hacking and Types of Hacker.
Hacking and Types of Hacker.Hacking and Types of Hacker.
Hacking and Types of Hacker.Coder Tech
 
Dark - Side of Internet of Things (IOT)
Dark - Side of Internet of Things (IOT)Dark - Side of Internet of Things (IOT)
Dark - Side of Internet of Things (IOT)Abhinav Biswas
 
Digital forensics and Cyber Crime: Yesterday, Today & Tomorrow
Digital forensics and Cyber Crime: Yesterday, Today & TomorrowDigital forensics and Cyber Crime: Yesterday, Today & Tomorrow
Digital forensics and Cyber Crime: Yesterday, Today & TomorrowPankaj Choudhary
 
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...Tech and Law Center
 
Cyber forensics 02 mit-2014
Cyber forensics 02 mit-2014Cyber forensics 02 mit-2014
Cyber forensics 02 mit-2014Muzzammil Wani
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic pptOnkar1431
 
Digital forensics intro 20151123
Digital forensics intro 20151123Digital forensics intro 20151123
Digital forensics intro 20151123Kevin Schlottmann
 
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009ClubHack
 

Was ist angesagt? (20)

Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
 
Jerod Brennen - What You Need to Know About OSINT
Jerod Brennen - What You Need to Know About OSINTJerod Brennen - What You Need to Know About OSINT
Jerod Brennen - What You Need to Know About OSINT
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentation
 
Cyber Threat Intel : Overview
Cyber Threat Intel : OverviewCyber Threat Intel : Overview
Cyber Threat Intel : Overview
 
Introduction To Computer Security
Introduction To Computer SecurityIntroduction To Computer Security
Introduction To Computer Security
 
Cyber Forensics & Challenges
Cyber Forensics & ChallengesCyber Forensics & Challenges
Cyber Forensics & Challenges
 
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
 
Touring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Touring the Dark Side of Internet: A Journey through IOT, TOR & DockerTouring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Touring the Dark Side of Internet: A Journey through IOT, TOR & Docker
 
I want to be a cyber forensic examiner
I want to be a cyber forensic examinerI want to be a cyber forensic examiner
I want to be a cyber forensic examiner
 
Computer forensic
Computer forensicComputer forensic
Computer forensic
 
Cyber forensic investigation & Analysis
Cyber forensic investigation & AnalysisCyber forensic investigation & Analysis
Cyber forensic investigation & Analysis
 
Hacking and Types of Hacker.
Hacking and Types of Hacker.Hacking and Types of Hacker.
Hacking and Types of Hacker.
 
Dark - Side of Internet of Things (IOT)
Dark - Side of Internet of Things (IOT)Dark - Side of Internet of Things (IOT)
Dark - Side of Internet of Things (IOT)
 
Digital forensics and Cyber Crime: Yesterday, Today & Tomorrow
Digital forensics and Cyber Crime: Yesterday, Today & TomorrowDigital forensics and Cyber Crime: Yesterday, Today & Tomorrow
Digital forensics and Cyber Crime: Yesterday, Today & Tomorrow
 
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
 
Cyber forensics 02 mit-2014
Cyber forensics 02 mit-2014Cyber forensics 02 mit-2014
Cyber forensics 02 mit-2014
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic ppt
 
Digital forensics intro 20151123
Digital forensics intro 20151123Digital forensics intro 20151123
Digital forensics intro 20151123
 
Hacking
HackingHacking
Hacking
 
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
 

Ähnlich wie DEF CON 23 - Weston Hecker - goodbye memory scraping malware

Wfh security risks - Ed Adams, President, Security Innovation
Wfh security risks - Ed Adams, President, Security InnovationWfh security risks - Ed Adams, President, Security Innovation
Wfh security risks - Ed Adams, President, Security InnovationPriyanka Aash
 
Security in the News
Security in the NewsSecurity in the News
Security in the NewsJames Sutter
 
Forensic And Cloud Computing
Forensic And Cloud ComputingForensic And Cloud Computing
Forensic And Cloud ComputingMitesh Katira
 
03.fnc corporate protect workshop new
03.fnc corporate protect workshop new03.fnc corporate protect workshop new
03.fnc corporate protect workshop newforensicsnation
 
FNC Corporate Protect
FNC Corporate ProtectFNC Corporate Protect
FNC Corporate Protectforensicsnation
 
FNC Corporate Protect Workshop
FNC Corporate Protect WorkshopFNC Corporate Protect Workshop
FNC Corporate Protect Workshopforensicsnation
 
Experiment
ExperimentExperiment
Experimentjbashask
 
SANSFIRE18: War Stories on Using Automated Threat Intelligence for Defense
SANSFIRE18: War Stories on Using Automated Threat Intelligence for DefenseSANSFIRE18: War Stories on Using Automated Threat Intelligence for Defense
SANSFIRE18: War Stories on Using Automated Threat Intelligence for DefenseJohn Bambenek
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime pptBushra22
 
Securing, Buying, and buying computers 4-H
Securing, Buying, and buying computers 4-HSecuring, Buying, and buying computers 4-H
Securing, Buying, and buying computers 4-Hjmoore55
 
Computer_Hacking_for_Beginners_Kevin_James_complex.pdf
Computer_Hacking_for_Beginners_Kevin_James_complex.pdfComputer_Hacking_for_Beginners_Kevin_James_complex.pdf
Computer_Hacking_for_Beginners_Kevin_James_complex.pdfxererenhosdominaram
 
cyber forensics
cyber forensicscyber forensics
cyber forensicsAmbuj Kumar
 
Introduction to Computer Forensics & Cyber Security
Introduction to Computer Forensics & Cyber SecurityIntroduction to Computer Forensics & Cyber Security
Introduction to Computer Forensics & Cyber Securitypivisoc989
 
Ransomware - what is it, how to protect against it
Ransomware - what is it, how to protect against itRansomware - what is it, how to protect against it
Ransomware - what is it, how to protect against itZoltan Balazs
 
Iron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data ResponsiblyIron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data ResponsiblyGabor Szathmari
 
The Threat Is Real. Protect Yourself.
The Threat Is Real. Protect Yourself.The Threat Is Real. Protect Yourself.
The Threat Is Real. Protect Yourself.Teri Radichel
 
Trends in electronic crimes and its impact on businesses like yours
Trends in electronic crimes and its impact on businesses like yoursTrends in electronic crimes and its impact on businesses like yours
Trends in electronic crimes and its impact on businesses like yoursMotherGuardians
 
Cyber security awareness for end users
Cyber security awareness for end usersCyber security awareness for end users
Cyber security awareness for end usersNetWatcher
 

Ähnlich wie DEF CON 23 - Weston Hecker - goodbye memory scraping malware (20)

Wfh security risks - Ed Adams, President, Security Innovation
Wfh security risks - Ed Adams, President, Security InnovationWfh security risks - Ed Adams, President, Security Innovation
Wfh security risks - Ed Adams, President, Security Innovation
 
Security in the News
Security in the NewsSecurity in the News
Security in the News
 
Forensic And Cloud Computing
Forensic And Cloud ComputingForensic And Cloud Computing
Forensic And Cloud Computing
 
03.fnc corporate protect workshop new
03.fnc corporate protect workshop new03.fnc corporate protect workshop new
03.fnc corporate protect workshop new
 
FNC Corporate Protect
FNC Corporate ProtectFNC Corporate Protect
FNC Corporate Protect
 
FNC Corporate Protect Workshop
FNC Corporate Protect WorkshopFNC Corporate Protect Workshop
FNC Corporate Protect Workshop
 
Experiment
ExperimentExperiment
Experiment
 
SANSFIRE18: War Stories on Using Automated Threat Intelligence for Defense
SANSFIRE18: War Stories on Using Automated Threat Intelligence for DefenseSANSFIRE18: War Stories on Using Automated Threat Intelligence for Defense
SANSFIRE18: War Stories on Using Automated Threat Intelligence for Defense
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime ppt
 
Securing, Buying, and buying computers 4-H
Securing, Buying, and buying computers 4-HSecuring, Buying, and buying computers 4-H
Securing, Buying, and buying computers 4-H
 
Computer_Hacking_for_Beginners_Kevin_James_complex.pdf
Computer_Hacking_for_Beginners_Kevin_James_complex.pdfComputer_Hacking_for_Beginners_Kevin_James_complex.pdf
Computer_Hacking_for_Beginners_Kevin_James_complex.pdf
 
cyber forensics
cyber forensicscyber forensics
cyber forensics
 
Introduction to Computer Forensics & Cyber Security
Introduction to Computer Forensics & Cyber SecurityIntroduction to Computer Forensics & Cyber Security
Introduction to Computer Forensics & Cyber Security
 
Cyber security awareness presentation nepal
Cyber security awareness presentation nepalCyber security awareness presentation nepal
Cyber security awareness presentation nepal
 
Ransomware - what is it, how to protect against it
Ransomware - what is it, how to protect against itRansomware - what is it, how to protect against it
Ransomware - what is it, how to protect against it
 
Iron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data ResponsiblyIron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data Responsibly
 
The Threat Is Real. Protect Yourself.
The Threat Is Real. Protect Yourself.The Threat Is Real. Protect Yourself.
The Threat Is Real. Protect Yourself.
 
Cybersecurity.pptx
Cybersecurity.pptxCybersecurity.pptx
Cybersecurity.pptx
 
Trends in electronic crimes and its impact on businesses like yours
Trends in electronic crimes and its impact on businesses like yoursTrends in electronic crimes and its impact on businesses like yours
Trends in electronic crimes and its impact on businesses like yours
 
Cyber security awareness for end users
Cyber security awareness for end usersCyber security awareness for end users
Cyber security awareness for end users
 

Mehr von Felipe Prado

DEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directory
DEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directoryDEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directory
DEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directoryFelipe Prado
 
DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...
DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...
DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...Felipe Prado
 
DEF CON 24 - Tamas Szakaly - help i got ants
DEF CON 24 - Tamas Szakaly - help i got antsDEF CON 24 - Tamas Szakaly - help i got ants
DEF CON 24 - Tamas Szakaly - help i got antsFelipe Prado
 
DEF CON 24 - Ladar Levison - compelled decryption
DEF CON 24 - Ladar Levison - compelled decryptionDEF CON 24 - Ladar Levison - compelled decryption
DEF CON 24 - Ladar Levison - compelled decryptionFelipe Prado
 
DEF CON 24 - Clarence Chio - machine duping 101
DEF CON 24 - Clarence Chio - machine duping 101DEF CON 24 - Clarence Chio - machine duping 101
DEF CON 24 - Clarence Chio - machine duping 101Felipe Prado
 
DEF CON 24 - Chris Rock - how to overthrow a government
DEF CON 24 - Chris Rock - how to overthrow a governmentDEF CON 24 - Chris Rock - how to overthrow a government
DEF CON 24 - Chris Rock - how to overthrow a governmentFelipe Prado
 
DEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardware
DEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardwareDEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardware
DEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardwareFelipe Prado
 
DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...
DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...
DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...Felipe Prado
 
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustration
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustrationDEF CON 24 - Jay Beale and Larry Pesce - phishing without frustration
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustrationFelipe Prado
 
DEF CON 24 - Gorenc Sands - hacker machine interface
DEF CON 24 - Gorenc Sands - hacker machine interfaceDEF CON 24 - Gorenc Sands - hacker machine interface
DEF CON 24 - Gorenc Sands - hacker machine interfaceFelipe Prado
 
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionist
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionistDEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionist
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionistFelipe Prado
 
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locks
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locksDEF CON 24 - Rose and Ramsey - picking bluetooth low energy locks
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locksFelipe Prado
 
DEF CON 24 - Rich Mogull - pragmatic cloud security
DEF CON 24 - Rich Mogull - pragmatic cloud securityDEF CON 24 - Rich Mogull - pragmatic cloud security
DEF CON 24 - Rich Mogull - pragmatic cloud securityFelipe Prado
 
DEF CON 24 - Grant Bugher - Bypassing captive portals
DEF CON 24 - Grant Bugher - Bypassing captive portalsDEF CON 24 - Grant Bugher - Bypassing captive portals
DEF CON 24 - Grant Bugher - Bypassing captive portalsFelipe Prado
 
DEF CON 24 - Patrick Wardle - 99 problems little snitch
DEF CON 24 - Patrick Wardle - 99 problems little snitchDEF CON 24 - Patrick Wardle - 99 problems little snitch
DEF CON 24 - Patrick Wardle - 99 problems little snitchFelipe Prado
 
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...Felipe Prado
 
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucks
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucksDEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucks
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucksFelipe Prado
 
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
DEF CON 24 - Dinesh and Shetty - practical android application exploitationDEF CON 24 - Dinesh and Shetty - practical android application exploitation
DEF CON 24 - Dinesh and Shetty - practical android application exploitationFelipe Prado
 
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vnc
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vncDEF CON 24 - Klijnsma and Tentler - stargate pivoting through vnc
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vncFelipe Prado
 
DEF CON 24 - Antonio Joseph - fuzzing android devices
DEF CON 24 - Antonio Joseph - fuzzing android devicesDEF CON 24 - Antonio Joseph - fuzzing android devices
DEF CON 24 - Antonio Joseph - fuzzing android devicesFelipe Prado
 

Mehr von Felipe Prado (20)

DEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directory
DEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directoryDEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directory
DEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directory
 
DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...
DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...
DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...
 
DEF CON 24 - Tamas Szakaly - help i got ants
DEF CON 24 - Tamas Szakaly - help i got antsDEF CON 24 - Tamas Szakaly - help i got ants
DEF CON 24 - Tamas Szakaly - help i got ants
 
DEF CON 24 - Ladar Levison - compelled decryption
DEF CON 24 - Ladar Levison - compelled decryptionDEF CON 24 - Ladar Levison - compelled decryption
DEF CON 24 - Ladar Levison - compelled decryption
 
DEF CON 24 - Clarence Chio - machine duping 101
DEF CON 24 - Clarence Chio - machine duping 101DEF CON 24 - Clarence Chio - machine duping 101
DEF CON 24 - Clarence Chio - machine duping 101
 
DEF CON 24 - Chris Rock - how to overthrow a government
DEF CON 24 - Chris Rock - how to overthrow a governmentDEF CON 24 - Chris Rock - how to overthrow a government
DEF CON 24 - Chris Rock - how to overthrow a government
 
DEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardware
DEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardwareDEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardware
DEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardware
 
DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...
DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...
DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...
 
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustration
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustrationDEF CON 24 - Jay Beale and Larry Pesce - phishing without frustration
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustration
 
DEF CON 24 - Gorenc Sands - hacker machine interface
DEF CON 24 - Gorenc Sands - hacker machine interfaceDEF CON 24 - Gorenc Sands - hacker machine interface
DEF CON 24 - Gorenc Sands - hacker machine interface
 
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionist
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionistDEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionist
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionist
 
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locks
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locksDEF CON 24 - Rose and Ramsey - picking bluetooth low energy locks
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locks
 
DEF CON 24 - Rich Mogull - pragmatic cloud security
DEF CON 24 - Rich Mogull - pragmatic cloud securityDEF CON 24 - Rich Mogull - pragmatic cloud security
DEF CON 24 - Rich Mogull - pragmatic cloud security
 
DEF CON 24 - Grant Bugher - Bypassing captive portals
DEF CON 24 - Grant Bugher - Bypassing captive portalsDEF CON 24 - Grant Bugher - Bypassing captive portals
DEF CON 24 - Grant Bugher - Bypassing captive portals
 
DEF CON 24 - Patrick Wardle - 99 problems little snitch
DEF CON 24 - Patrick Wardle - 99 problems little snitchDEF CON 24 - Patrick Wardle - 99 problems little snitch
DEF CON 24 - Patrick Wardle - 99 problems little snitch
 
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...
 
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucks
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucksDEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucks
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucks
 
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
DEF CON 24 - Dinesh and Shetty - practical android application exploitationDEF CON 24 - Dinesh and Shetty - practical android application exploitation
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
 
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vnc
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vncDEF CON 24 - Klijnsma and Tentler - stargate pivoting through vnc
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vnc
 
DEF CON 24 - Antonio Joseph - fuzzing android devices
DEF CON 24 - Antonio Joseph - fuzzing android devicesDEF CON 24 - Antonio Joseph - fuzzing android devices
DEF CON 24 - Antonio Joseph - fuzzing android devices
 

KĂźrzlich hochgeladen

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 

KĂźrzlich hochgeladen (20)

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 

DEF CON 23 - Weston Hecker - goodbye memory scraping malware

  • 1. Goodbye Memory Scraping Malware Hold Out Till "Chip And Pin”. Weston Hecker Security Expert With KLJ Systems Network Analyst/Penetrations Tester/President Of Computer Security Association Of North Dakota #westonhecker #skimbadsoftware
  • 2. Who Am I What Do I Do What's the Talk About, • About Me: Speaker at Defcon 22 Tons of Computer Certs, Computer Science/Geophysics • About 11 years pen-testing, security research , Spoke at Defcon 22 Las Vegas on Burnerphone DDOS • NERC, FFIEC, FISMA/NIST, ISO, GLBA and FDIC, Compliance audits HIPAA, Omnibus, • Wrote custom exploits for obscure Internet service provider gear and PMS software. • Tools of the trade “Fleet of Fake I phones” And now android variance. • Co-writer of Skimbad Software Open source anti malware skimming software OPEN SOURCE. This talk today will be going of this new concept of protecting Data • Pentesting for a living everything from banks, hospitals and ISP in the Mid-west. I live and work in North Dakota • Security projects including Reverse engineering of malware and tracking software. Working on 911 Attack mitigation projects.
  • 3. TEENSY 3.1 Container!!! Build Your Own There Awesome !!! Hit me up on Twitter or E-mail me.
  • 4. START THE DEMO !!! • This will Run while I speak • We will check the number at the end of the Presentation • The Graphical demonstration version is available on Skimbad.com • Source Code and EXE are Available on GitHub
  • 5. The problem of Data skimming malware/ Large Profile cases
  • 6. Why do people skim data / how much does it cost
  • 7. Why do people skim data / how much does it cost
  • 8. how its sold/used to defraud
  • 9. how its sold/used to defraud • Carding/ Ordering things online • Duplicating cards and using them in stores. • ATM Cashout runs / Pin Skimmed Data. • Theft of resources / Gas Food. • Theft of online services or Licenced materials / Digital Movies /subscriptions to sites. • Using Card data to transfer money WU runs.
  • 10. How batches of data are ex-filtrated and sold
  • 11. How batches of data are ex-filtrated and sold • USB devices used to jump “Air” gapped or tighter security • Use if spearfishing campaigns • Software is loaded on to systems by classic hacking methods USB, HID. • Batches are pull to servers most of the time using POST requests every time a card is found in memory the malware sends the data to a Dump • Dumps are complied by BIN number and sold on carding pages price is determined by the banks usual Point of Sale and Debit limit. • The validity rate is how many cards out of a 100 will work . Most batches sold on proper carding forums are 98% plus • Two year old Target breach still has about a 10% validity Rate.
  • 12. Initial POS terminal is breached and malware is loaded
  • 13. As cards are swiped they now are send to a Server where they will be sold online.
  • 14. For the demonstration this all will be ran on one computer normally the POS is separate from the card catching Server.
  • 15. How does malware tell credit card data from other data
  • 16. Most Search Memory Using Custom Search Algorithms
  • 17.
  • 18. Other uses EX. Malware research
  • 19. II. The approach to stopping Breaches / the tool
  • 20. what currently exists to stop skimming/data exfiltration
  • 21. how this concept would make batches unusable
  • 22. how are random credit cards made what are Bins
  • 23. How random card numbers are made
  • 24. How it makes random names.
  • 25. Honeypot card numbers to let them know breach has occurred.
  • 27. III. How will malware evolve and how we will stay on top of it
  • 28. Malware gets smarter and detects BINs from area and other methods
  • 29. watch dog portions (protection from malware)
  • 30. How to make batches look real
  • 31. The Legitimate Credit Cards are Covered with Fakes
  • 32. How to make fake batches (unscrubable no reversing of process)
  • 33. Will Chip/Pin stop skimming ?
  • 34. Software is Open Source Free Help make it better There is no reason that this concept should not be built into every POS system
  • 35. Conclusions: Thanks for Listening Questions Concerns? Special Thanks to: Tim Swartz, My Family, My Work Defcon Crew for approving my topic. Contact Information •Weston Hecker •Weston@skimbad.com •www.skimbad.com •Twitter @westonhecker @skimbadsoftware.