This study maps the different actors involved in the supply chain behind the market for fake "likes": from botnets to reseller panels and customer-facing sellers. The findings are part of a two-year-long investigation that attempts to understand a botnet’s operations in its economic context: the industry of social media fraud. They will be presented at the Virus Bulletin conference, taking place in Montreal on October 3rd and 5th, 2018.
September 06, 2018
Find Security Bugs can often uncover interesting findings that may lead to the discovery of critical vulnerabilities. However, using Find Security Bugs can be a little tedious for unseasoned Java users. The process of analyzing compiled code and triaging the findings also needed improvement. Here is the solution that was built to find vulnerabilities at scale.
July 10, 2018
This post will detail the password filter implant project we developed recently. Our password filter is used to exfiltrate Active Directory credentials through DNS. This text will discuss the technicalities of the project as well as my personal experience developing it.
June 18, 2018
We developed a data-driven method for identifying, quantifying, and comparing ransom payments in the Bitcoin ecosystem from 35 ransomware families. The study was conducted in partnership with Bernhard Haslhofer from the Austrian Institute of Technology (AIT) and Benoît Dupont from the Université de Montréal (UdeM). It resulted in a paper that will be presented at the 17th Annual Workshop on the Economics of Information Security (WEIS2018) in Innsbruck, Austria, alongside other renowned academic researchers. This blog post provides a quick summary of the methodology developed for tracing ransomware payments and the study's findings.