Close

Algorithm 2022

Feb. 10 - 12

Dallas

Speaker

Speaker: Kobi Eisenkraft

Kobi Eisenkraft

Kobi Eisenkraft

Malware Analyst, Check Point

Software developer, cyber security expert, and malware analyst, with more than a decade of experience in malware research, system protection, and threat prevention. Graduate of Check Point Security Academy, with a BSc (Computer Science and Mathematics) and M.B.A from Bar-Ilan university.

Talk: Using bitcoin blockchain as part of a malware infrastructure

Malware writers are getting more creative on where to hide their C&C domains and IP addresses and how to dynamically generate them. We’ve witnessed unique places to hide a C&C domain, like in fake social media accounts and RSS feeds, but in this talk, I’ll review a new technique found inside the bitcoin blockchain.

 

While analyzing this method of attack we tried to understand why an attacker would even use the bitcoin blockchain as part of his infection chain? But since this platform is hard to trace, stable (there’s no downtime), visible from almost everywhere and easy to update, we realized this platform might be great for this kind of purpose.

I’ll show a well known technique that was already used in the bitcoin blockchain. This technique uses OP_RETURN output script function as the method for hiding C&C domain name. Then I’ll show a deep analysis of a new method we recently discovered that uses the transactions history to generate a dynamic C&C IP address.

 

Finally, I’ll demonstrate how we can reveal the C&C IP addresses from a specific bitcoin wallet, how to get the malicious payload from the C&C and how the attacker’s infrastructure can be easily destroyed by sending a single transaction to the attacker’s wallet.

Oleksandr Bornyakov

Oleksandr Bornyakov

Deputy Minister, Ministry of Digital Transformation, Ukraine

Robert Marks

Prof Robert Marks

Director, Walter Bradley Center for Natural & AI

Omar Syed

Omar Syed

Blockchain/DLT Architect, Shardus

Michael Kanaan

Captain Michael Kanaan

Director of Operations, US Air Force

Kristina Lucrezia Cornèr

Kristina Lucrezia Cornèr

Editor-in-Chief, Cointelegraph

Stephen Thaler

Stephen Thaler, PhD

President/CEO, Imagination Engines, Inc.

Prof Ryan Abbott

Prof Ryan Abbott

Professor of Law and Health Sciences, Univ. of Surrey

Anastasia Marchenkova

Anastasia Marchenkova

Quantum Researcher, Bleximo

Igor Jablokov

Igor Jablokov

CEO, Pryon, Inc.

Shreyansh Daftry

Shreyansh Daftry

Research Scientist, NASA Jet Propulsion Laboratory

Fabio Zinno

Fabio Zinno

Research Lead, Electronic Arts Canada

Kobi Eisenkraft

Kobi Eisenkraft

Malware Analyst, Check Point

Travis Cannell

Travis Cannell

Head of Product, Orchid

Rishabh Misra

Rishabh Misra

Machine Learning Engineer, Twitter

Karl Weinmeister

Karl Weinmeister

Cloud AI Advocacy Manager, Google

Joel Lehman

Joel Lehman, PhD

Scientist, OpenAI

Paul McLachlan

Paul McLachlan, PhD

AI Research Lead, Ericsson Research

Ramin Keene

Ramin Keene

Founder, Fuzzbox.io

Jigyasa Grover

Jigyasa Grover

Machine Learning Engineer, Twitter

Tiffany Xingyu Wang

Tiffany Xingyu Wang

VP/Chief Strategy Officer, Spectrum Labs

Register

Registration for workshop and for the conference itself is now open. The workshop has a limited number of tickets, so hurry and register if you want to guarantee yourself a spot. To reserve your ticket(s), click on that big red button.

Register with crypto

Want to register using your favorite cryptocurrency?  We’re on your side. Just click that button to email us to begin the process. We’ll get back with you pronto.