Overview
Explore a groundbreaking proof of concept that challenges the effectiveness of OPSEC methods used by cyber predators and threat actors. Dive into the analysis of approximately 4Tb of logs extracted from infostealer malware, including Redline and Racoon. Learn how parsing this data to identify .onion sites led to the discovery of legitimate profiles of threat actors on social networks, government sites, and financial institutions. Understand how exfiltrated files and device information can serve as crucial evidence in computer forensic investigations. Discover the vulnerabilities in threat actors' security practices, such as the lack of 2FA implementation, despite their use of OPSEC techniques. Gain insights from Thiago Bordini, an experienced Head of Cyber Threat Intelligence, as he presents this eye-opening research at Ekoparty 2023, demonstrating that even sophisticated cybercriminals are susceptible to the same technological and procedural threats they exploit.
Syllabus
Removing OPSEC from Cyber Predators and Threat Actors - Tiago Bordini - Ekoparty 2023
Taught by
Ekoparty Security Conference