hiring hackers
DESCRIPTION
Lookout's Principal Security Researcher, Marc Rogers, presented at CTIA's Super Mobility Week in Las Vegas on September 9, 2014.TRANSCRIPT
HIRING HACKERS
09.09.2014MARC ROGERS
Enterprises need hackers The hacker-mindset makes the difference
noun \ˈha-kər\someone who uses ingenuity to create a clever result which accomplishes the desired goal without changing the design of the system it is embedded in.
Hacker;
pre
noun \ˈha-kər\a person who secretly gets access to a computer system in order to get information, cause damage, etc. : a person who hacks into a computer system
Hacker;
noun \ˈha-kər\A technical genius who likes to explore the technical world and reshape it to his or her desires in a non-destructive way
Hacker;
HOW HACKERS CAN HELP CARRIERS SPECIFICALLY
Botnets are a HUGE
network threat
The carrier is becoming further and further
removed from the device
Old-fashioned
financial fraud still causing headaches
The network is becoming
IP-based and more accessible to intruders
• Huge SMS spam botnet
• Spams 100 contacts at a time.
• In one case 16,000 messages sent from a single phone!
• Estimated 7M spam messages sent before it was shut down.
• Shut down through cooperation between lookout and a carrier partner.
SPAM SOLDIER12:01 PM
Read more
Botnets are a HUGE
network threat
The carrier is becoming further and further
removed from the device
Old-fashioned
financial fraud still causing headaches
The network is becoming
IP-based and more accessible to intruders
• Buys subscriber free SMS allowance
• Sells artificially cheap bulk SMS to companies
• Undercuts the carrier’s bulk messaging business with its own subscribers
BAZUC
12:01 PM 12:01 PM 12:01 PM
Read more
Botnets are a HUGE
network threat
The carrier is becoming further and further
removed from the device
Old-fashioned
financial fraud still causing headaches
The network is becoming
IP-based and more accessible to intruders
• Most advanced mobile botnet (yet)
• Multi-layered C2 architecture with end to end encryption and P2P command protocols.
• Installs an unrestricted proxy on victim’s handsets
• Like PC Botnets, the controllers resell access to the proxy network for various criminal purposes:
• Transaction Fraud • Pumping out spam emails • Accessing C99 shell accounts • Brute-forcing wordpress accounts
!!
NOTCOMPATIBLE12:01 PM
Read more
Botnets are still big
network-suck
The carrier is becoming further and further
removed from the device
Old-fashioned
financial fraud still causing headaches
The network is becoming
IP-based and more accessible to intruders
HACKERS WHO HELP
Jeff Moss
Marc RogersMark Abene
Kevin Poulsen
Robert Tappan Morris
Mudge
HACKING FOR GOOD
Steve Wozniak
Chris Wysopal
EVERYTHING IS OK
For more mobile security information, follow