Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Hiring Hackers

2,813 views

Published on

Lookout's Principal Security Researcher, Marc Rogers, presented at CTIA's Super Mobility Week in Las Vegas on September 9, 2014.

Published in: Technology
  • Be the first to comment

Hiring Hackers

  1. 1. HIRING HACKERS MARC ROGERS 09.09.2014
  2. 2. Enterprises need hackers The hacker-mindset makes the difference
  3. 3. noun ˈha-kər Hacker; someone who uses ingenuity to create a clever result which accomplishes the desired goal without changing the design of the system it is embedded in.
  4. 4. pre
  5. 5. noun ˈha-kər Hacker; a person who secretly gets access to a computer system in order to get information, cause damage, etc. : a person who hacks into a computer system
  6. 6. noun ˈha-kər Hacker; A technical genius who likes to explore the technical world and reshape it to his or her desires in a non-destructive way
  7. 7. HOW HACKERS CAN HELP CARRIERS SPECIFICALLY
  8. 8. Botnets are a HUGE network threat Old-fashioned financial fraud still causing headaches The carrier is becoming further and further removed from the device The network is becoming IP-based and more accessible to intruders
  9. 9. SPAM SOLDIER 12:01 PM • Huge SMS spam botnet • Spams 100 contacts at a time. • In one case 16,000 messages sent from a single phone! • Estimated 7M spam messages sent before it was shut down. • Shut down through cooperation between lookout and a carrier partner. Read more
  10. 10. Botnets are a HUGE network threat Old-fashioned financial fraud still causing headaches The carrier is becoming further and further removed from the device The network is becoming IP-based and more accessible to intruders
  11. 11. 12:01 PM 12:01 PM 12:01 PM BAZUC • Buys subscriber free SMS allowance • Sells artificially cheap bulk SMS to companies • Undercuts the carrier’s bulk messaging business with its own subscribers Read more
  12. 12. Botnets are a HUGE network threat Old-fashioned financial fraud still causing headaches The carrier is becoming further and further removed from the device The network is becoming IP-based and more accessible to intruders
  13. 13. • Most advanced mobile botnet (yet) • Multi-layered C2 architecture with end to end encryption and P2P command protocols. • Installs an unrestricted proxy on victim’s handsets • Like PC Botnets, the controllers resell access to the proxy network for various criminal purposes: • Transaction Fraud • Pumping out spam emails • Accessing C99 shell accounts • Brute-forcing wordpress accounts ! ! NOTCOMPATIBLE 12:01 PM Read more
  14. 14. Botnets are still big network-suck Old-fashioned financial fraud still causing headaches The carrier is becoming further and further removed from the device The network is becoming IP-based and more accessible to intruders
  15. 15. HACKERS WHO HELP
  16. 16. Jeff Moss HACKING FOR GOOD Kevin Poulsen Mark Abene Marc Rogers Robert Tappan Morris Mudge Steve Wozniak Chris Wysopal
  17. 17. EVERYTHING IS OK
  18. 18. For more mobile security information, follow

×