SPY-JACKING THE BOOTERS

Black Hat USA 2013

Presented by: Lance James, Brian Krebs
Date: Thursday August 01, 2013
Time: 17:00 - 18:00
Location: Augustus 3 & 4

It's become commonplace for security reporters and providers of security technologies to find themselves targets of hackers' wrath, especially when they put criminal activity under the spotlight. Earlier this year, Brian Krebs had done some work to expose a "booter" service. Like other public security figures, he found himself the target of repeated DDoS attacks. In Brian's case, this culminated in a "SWATting" attack -- a surprise visit by dozens of heavily armed police at his front door. Research on "booter" services reveals a relatively unsophisticated, but high-profit criminal community of DDoS-for-hire web sites that are capable of considerable impact. They operate under legal auspices, leveraging legitimate DDoS protection services. Anyone with an axe to grind and a small amount of money can hire one of these services to have virtually any person or web site knocked off the Internet. As an indicator of how mainstream these services have become, most of them accept payment via Paypal. This talk will delve into the recent proliferation of these malicious commercial DDoS services, and reveal what's been learned about their surreptitious functioning, exposing the proprietors behind these illicit services, and what is known about their targets and their thousands of paying customers. Emphasis will be placed on detailing the vulnerabilities present in most booter sites, and the lessons we can draw about how targets of these attacks can defend themselves.

Brian Krebs

Brian Krebs is the author of krebsonsecurity.com, a daily blog dedicated to in-depth Internet security news and cybercrime investigation. From 1995 to 2009, Krebs was a reporter for The Washington Post, where he covered security and privacy issues for the newspaper and the Web site. Krebsonsecurity.com has won numerous honors, including the "Blog That Best Represents the Security Industry" award three years in row at the RSA Security Conference. A frequent speaker on cybercrime topics, Mr. Krebs holds a Bachelor of Arts in International Relations from George Mason University, and lives with his wife in Northern Virginia.

Lance James

Lance James is an internationally renowned information security expert and is currently the Chief Scientist at Vigilant, Inc. With over a decade of experience with programming, network security, digital forensics, malware research, cryptography design & cryptanalysis, attacking protocols, and a detailed expertise in information security, James serves on the advisory board of multiple security-focused organizations and has provided consultation to numerous businesses ranging from start-ups to governments, Fortune 500's, and America's top financial institutions. Credited with the identification of Zeus and other malware, he has authored and co-authored several technical e-crime books. Notable publications include “Phishing Exposed” (Syngress Publishing) with two more books currently in the works: “The Threat Intelligence Handbook” (No Starch Press) and “Precision Grey Hat Exploitations” (McGraw Hill). James regularly speaks at information security-related conferences with notable keynote speaking engagements including the First Asia HTCIA Conference (Hong Kong), Digital PhishNet (Germany/San Diego, CA), and SANS Conference (San Diego, CA). Prior to joining Vigilant, Inc. James was the co-founder and CTO of Secure Science Corporation and senior threat analyst at Damballa.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats