A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Stealing Cycles, Mining Coin: An introduction to Malicious Cryptomining - Edmund Brumaghin & Nick Biasini (Circle City Con 2018 Videos) (Hacking Illustrated Series InfoSec Tutorial Videos)

Stealing Cycles, Mining Coin: An introduction to Malicious Cryptomining
Edmund Brumaghin & Nick Biasini

@infosec_nick
Circle City Con 2018

In today's world crimeware is a multi-billion dollar industry that's currently being primarily run through extortion in the electronic age, ransomware. However, times are changing and the business models are changing along with it. The rise of ransomware has paralleled a rise in the value of cryptocurrencies, the two are not necessarily connected, but the impact has been. From an adversary's perspective there are two primary ways of getting these currencies: ransom payouts or mining. Crypto-mining has been around as long as cryptocurrency and it's always been a trade off. Can you earn enough currency to offset the electricity and hardware costs? Well imagine if you didn't have to worry about either of them. This talk will provide a deep dive into pool mining, and how it is being leveraged by attackers. We will also outline the ways that we've seen adversaries deliver crypto mining programs to end users, the amount of mining capabilities they possess, and some of the financial impacts of their activities. Specific examples of miner distribution campaigns will be provided to give real-world scenarios where attackers are amassing computing resources.

Edmund Brumaghin is a threat researcher with Cisco Talos. He has spent the past several years protecting environments across a number of different industries including nuclear energy, financial services, etc. He currently spends his days hunting malware and analyzing various threats as they emerge and continue to evolve. In his time with Talos he has researched ransomware, banking trojans and other threats being distributed using various attack vectors. He has also worked to expose large scale malware campaigns and raise awareness of security threats observed across the threat landscape. Nick Biasini's interest in computers and technology started at a young age when he tore apart his parents brand new 486SX PC. Ever since he has been tinkering with computers in one way or another. In his time with Talos Nick has been responsible for exposing new details to major threats, with a focus on crimeware. This includes exposing the Angler exploit kit, identifying new techniques like Domain Shadowing, helping to stop a large scale exploit kit campaigns, and revealing clever spam campaigns delivering ransomware. Nick has a master's degree in digital forensics from the University of Central Florida and has worked for government and private sector environments in his career.

Back to Circle City Con 2018 Videos list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast