In today's world crimeware is a multi-billion dollar industry that's currently being primarily run through extortion in the electronic age, ransomware. However, times are changing and the business models are changing along with it. The rise of ransomware has paralleled a rise in the value of cryptocurrencies, the two are not necessarily connected, but the impact has been. From an adversary's perspective there are two primary ways of getting these currencies: ransom payouts or mining. Crypto-mining has been around as long as cryptocurrency and it's always been a trade off. Can you earn enough currency to offset the electricity and hardware costs? Well imagine if you didn't have to worry about either of them. This talk will provide a deep dive into pool mining, and how it is being leveraged by attackers. We will also outline the ways that we've seen adversaries deliver crypto mining programs to end users, the amount of mining capabilities they possess, and some of the financial impacts of their activities. Specific examples of miner distribution campaigns will be provided to give real-world scenarios where attackers are amassing computing resources.

Edmund Brumaghin is a threat researcher with Cisco Talos. He has spent the past several years protecting environments across a number of different industries including nuclear energy, financial services, etc. He currently spends his days hunting malware and analyzing various threats as they emerge and continue to evolve. In his time with Talos he has researched ransomware, banking trojans and other threats being distributed using various attack vectors. He has also worked to expose large scale malware campaigns and raise awareness of security threats observed across the threat landscape. Nick Biasini's interest in computers and technology started at a young age when he tore apart his parents brand new 486SX PC. Ever since he has been tinkering with computers in one way or another. In his time with Talos Nick has been responsible for exposing new details to major threats, with a focus on crimeware. This includes exposing the Angler exploit kit, identifying new techniques like Domain Shadowing, helping to stop a large scale exploit kit campaigns, and revealing clever spam campaigns delivering ransomware. Nick has a master's degree in digital forensics from the University of Central Florida and has worked for government and private sector environments in his career.

Back to Circle City Con 2018 Videos list