CanSecWest 2021 has ended
Back To Schedule
Wednesday, April 21 • 3:00pm - 4:00pm
Unmasking the Chameleons of the Criminal Underground: An Analysis From Bot To Illicit Market Level.

Log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.

Large corporations have access to, and use, incredibly sophisticated anti-fraud systems that monitor dozens of signals each time one of their customers or employees log into their web portal. These signals include what browser is used, what plugins are installed, and even the language of the users’ software. Past investigations have shown that malicious actors use malware to build profiles of their victims, and create virtual environments that replicate precisely the victims’ computers’ fingerprints. These profiles can be loaded up in specially crafted browser plugins and used in account takeover attacks. These profiles are sold on private markets and can fetch in the hundreds of dollars when they also include the cookies and credentials of the victims for financial institutions. The aim of this presentation is to build on past research and to map over a period of a month all of the Canadian activities of a machine fingerprint market. Our analysis extends past research first by developing a new understanding of how, and which, Canadians are targeted by this type of attack. Secondly, it presents models that predict not only the price of profiles for sale – i.e., what makes a profile more valuable – but also which profiles will end up being sold among the thousands that are for sale. Through these analyses, we end up with estimations for the Canadian market for profiles for sale, and propose hypotheses as to the size of the impact of these illicit activities on the Canadian economy. The market for fingerprinting victims is growing exponentially, and is promising to be, along with ransomware, one of the biggest threats of the coming year. With more detailed knowledge about this problem, companies and individual victims will be better suited to protect themselves against these attacks, and limit the monetization of the criminal underground.

Watch here.

David Décary-Hétu
David Hétu is Co-Founder and Chief Research Officer of Flare Systems. David holds a doctorate in criminology from the University of Montreal. His main research interests are in illicit online markets and the impact of technology on crime, both from the perspective of offenders and from the perspective of the legislator. David's research has been published in leading academic journals (e.g., British Medical Journal) and presented at leading conferences (Botconf, HOPE). He is regularly invited to share his analysis of cybercrime in the media. David developed the DATACRYPTO software tool to monitor offender activity on the darknet and co-developed the BitCluster software tool to track cryptocurrency transactions.

avatar for David Hétu

David Hétu

Co-Founder / Chief Research Officer, Flare Systems
David Hétu has a Ph.D. in criminology from the Université de Montréal and his main research interest is in online illicit markets and the impact of technology on crime, whether it be from the offenders’ point of view or from a regulation point of view. David’s research has... Read More →

Wednesday April 21, 2021 3:00pm - 4:00pm PDT
AirMeet/gather.town secwest.net