Speaker: Kobi Eisenkraft
Kobi Eisenkraft
Malware Analyst, Check Point
Software developer, cyber security expert, and malware analyst, with more than a decade of experience in malware research, system protection, and threat prevention. Graduate of Check Point Security Academy, with a BSc (Computer Science and Mathematics) and M.B.A from Bar-Ilan university.
Talk: Using bitcoin blockchain as part of a malware infrastructure
Malware writers are getting more creative on where to hide their C&C domains and IP addresses and how to dynamically generate them. We’ve witnessed unique places to hide a C&C domain, like in fake social media accounts and RSS feeds, but in this talk, I’ll review a new technique found inside the bitcoin blockchain.
While analyzing this method of attack we tried to understand why an attacker would even use the bitcoin blockchain as part of his infection chain? But since this platform is hard to trace, stable (there’s no downtime), visible from almost everywhere and easy to update, we realized this platform might be great for this kind of purpose.
I’ll show a well known technique that was already used in the bitcoin blockchain. This technique uses OP_RETURN output script function as the method for hiding C&C domain name. Then I’ll show a deep analysis of a new method we recently discovered that uses the transactions history to generate a dynamic C&C IP address.
Finally, I’ll demonstrate how we can reveal the C&C IP addresses from a specific bitcoin wallet, how to get the malicious payload from the C&C and how the attacker’s infrastructure can be easily destroyed by sending a single transaction to the attacker’s wallet.
Oleksandr Bornyakov
Deputy Minister, Ministry of Digital Transformation, Ukraine
Elisa de Anda Madrazo
Vice President, FATF
Omar Syed
Blockchain/DLT Architect, Shardus
Captain Michael Kanaan
Director of Operations, US Air Force
Jonathan Dever
Founder/CEO, Commercium Financial
Stephen Thaler, PhD
President/CEO, Imagination Engines, Inc.
Prof Ryan Abbott
Professor of Law and Health Sciences, Univ. of Surrey
Prof Robert Marks
Director, Walter Bradley Center for Natural & AI
Igor Jablokov
CEO, Pryon, Inc.
Anastasia Marchenkova
Quantum Researcher, Bleximo
Fabio Zinno
Research Lead, Electronic Arts Canada
Kristina Lucrezia Cornèr
Editor-in-Chief, Cointelegraph
Travis Cannell
Head of Product, Orchid
Rishabh Misra
Machine Learning Engineer, Twitter
Shreyansh Daftry
Research Scientist, NASA Jet Propulsion Laboratory
Joel Lehman, PhD
Scientist, OpenAI
Paul McLachlan, PhD
AI Research Lead, Ericsson Research
Karl Weinmeister
Cloud AI Advocacy Manager, Google
Jigyasa Grover
Machine Learning Engineer, Twitter
Kobi Eisenkraft
Malware Analyst, Check Point
Tiffany Xingyu Wang
VP/Chief Strategy Officer, Spectrum Labs
Ramin Keene
Founder, Fuzzbox.io
Register
Registration for workshop and for the conference itself is now open. The workshop has a limited number of tickets, so hurry and register if you want to guarantee yourself a spot. To reserve your ticket(s), click on that big red button.
Register with crypto
Want to register using your favorite cryptocurrency? We’re on your side. Just click that button to email us to begin the process. We’ll get back with you pronto.
Become a sponsor or exhibitor
Want to sponsor Algorithm 2022 or have an exhibit space during the conference? Click that button to view the sponsorship prospectus.