Exploitation Techniques and Attacks on Hosting Assets and Access for Resale
Hack In The Box Security Conference via YouTube
Overview
Syllabus
Intro
Players, services, prices and means of delivery
Here is an example of a seller
Telegram channels have bots to buy hosts
Types of "hosting" machines at a glance
Dedicated shops
Proxies on victimized hosts
Clouds
We can come back to the same threat actor we have seen before
Credentials parsing
Credentials validation
Automation of RDP probing
Sources of credentials
Another example: Electronic maker
Level of access
Primary targets in Organizatons
Example: Ryuk - use of old vulns
Access and lateral movements sales
The same seller
How access to acquired resources is sold
Empower of cloud technologies
Dedicated server with PP balance 21k USD
Lifecycle of compromised asset
Two more weeks, $500 000 ransom
1 more week, Not Paid, password published
Taught by
Hack In The Box Security Conference