Protecting Crypto exchanges from a new wave of man-in-the-browser attacks
- Speaker : Pedro Fortuna
- Length : 45m
- Language : English
In the last year or so, we have seen a massive increase in the value of cryptocurrencies and the emergence of hundreds of new coins and ICOs, drawing millions of people into an investment frenzy. Many of them are non-technical, regular consumers who rushed to create new accounts at the most popular crypto exchanges, such as Coinbase or Bitstamp.
Crypto exchanges are naturally appealing to attackers and have been targeted for as long as we can remember. Since last year, however, they have also been targeted by Man-in-the-Browser (MITB) attacks. Malware families such as Zeus Panda, Ramnit and Trickbot are already aiming at websites such as Coinbase.com or Blockchain.info.
In this talk, we will detail how these attacks work, from account takeover to moving the coins out to attacker-controlled wallets. We'll discuss current defenses, e.g. multi-factor authentication or strong SSL encryption, and why they are failing to mitigate this type of attack.
The fact is that unless we can ensure that users are not infected with trojans, which right now seems an impossible task, we'd better assume that a few of them will end up having sessions with web injects.
We'll demo a new set of techniques that, instead of trying to prevent web injections, aim to detect and react to them.
We’ll demo how the integrity of the exchange webpage can be protected even in the presence of a trojan installed on the client device.
We conclude with an evaluation of the effectiveness of this approach and discuss the value that it adds to existing solutions in the mitigation of MITB attacks.
Pedro Fortuna is CTO and Co-Founder of Jscrambler. He is also the Chapter leader for OWASP Portugal.
Pedro has more than 12 years of experience researching and working in the web application security area. He is a regular speaker at international security conferences. His main research interests lie in the fields of Application Security, Web Security, Reverse Engineering, Malware and Software Engineering.
Pedro is also the author of several patents in application security.
- Company: https://jscrambler.com/
- GitHub: https://github.com/pfortuna
- Linkedin: https://www.linkedin.com/in/pedrofortuna/