Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Crypto Hacks - Quit your Job and Become a Crypto Farmer

152 views

Published on

With cryptocurrencies becoming more widely adopted as a form of payment, identity management, and accountability, our understanding of security implications around digital currency needs to keep pace. This talk dives into the many ways in which the systems put in place around new cryptocurrency technologies can be exploited to take advantage of loopholes and bypasses in this technology space.

Published in: Technology
  • .DOWNLOAD THIS BOOKS INTO AVAILABLE FORMAT ......................................................................................................................... ......................................................................................................................... .DOWNLOAD PDF EBOOK here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... .DOWNLOAD EPUB Ebook here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... .DOWNLOAD doc Ebook here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... .DOWNLOAD PDF EBOOK here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... .DOWNLOAD EPUB Ebook here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... .DOWNLOAD doc Ebook here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... ......................................................................................................................... ......................................................................................................................... .............. Browse by Genre Available eBooks ......................................................................................................................... Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult,
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

Crypto Hacks - Quit your Job and Become a Crypto Farmer

  1. 1. Crypto Hacks Quit Your Job and Become a (Crypto) Farmer Greg Foss Distributed Consensus - August 3rd - 4th, 2018
  2. 2. Greg Foss Head of Threat Research and Global Security Operations OSCP, GMON, GAWN, GWAPT, GPEN, GCIH, CEH
  3. 3. Many of these topics are ‘probably’ illegal and this talk isn’t about get rich quick schemes or scams - don’t do any of these things without authorization D i s c l a i m e r
  4. 4. Mining
  5. 5. Mining Calculators
  6. 6. 0 1.5 3 4.5 6 Jan Feb Mar April May June July Bitcoin Ethereum M o s t m i n i n g c a l c u l a t o r s d o n ’ t t a k e t h i s i n t o a c c o u n t … Mining Difficulty Over Time - 2018
  7. 7. 0 1500 3000 4500 6000 July '16 Nov '16 Mar '17 July '17 Nov '17 Mar '18 July '18 Bitcoin Bitcoin Mining Difficulty - Past Two Years “ L o n g Te r m G a i n z ” - “ H O D L ” - L A M B O S ! ”
  8. 8. Building a Rig
  9. 9. PRO / CON - Building a Rig • Fun to build and looks awesome!
 • You own the hardware and can use it for other tasks - like password cracking
 • Freedom over the coins that you can mine
 • Residual income over time
 • Not dependent on any third party
 • Profit not contingent on current coin value
 • Contributing to maintaining the network PRO • Significant upfront cost
 • Time investment and ongoing maintenance
 • Potentially a very log time to ROI
 • Energy costs and unnecessary heat
 • More profitable to buy the coin given current cost
 • TAXES • Tax on coins, as they are mined • Capital gains tax when trading for Fiat CON
  10. 10. The Cloud…
  11. 11. The Cloud…
  12. 12. T r a d i t i o n a l C l o u d M i n i n g S e r v i c e s
  13. 13. T r a d i t i o n a l C l o u d M i n i n g S e r v i c e s
  14. 14. Ideal for Nodes - Not Mining
  15. 15. Adventures Mining on Google Cloud
  16. 16. Adventures Mining on Google Cloud
  17. 17. Game on… M o d i f i e d X M R i g B i n a r y D N S S e r v e r T C P T u n n e l M i n e a t 3 0 % G P U P r o f i t
  18. 18. C r e a t e A c c o u n t C r e a t e A c c o u n t C r e a t e A c c o u n t C r e a t e A c c o u n t P r o f i t P o w e r S h e l l P r e p a i d C r e d i t C a r d s
  19. 19. Seriously — don’t mess with Google
  20. 20. Web Development
  21. 21. In-browser Miners
  22. 22. Easy to spot and block Included on most threat lists…
  23. 23. Bypass (some) Block Lists P r i m a r y D N S S e r v e r U n s u s p e c t i n g U s e r n o t c o i n h i v e . b i z ( P r o x y ) C o i n h i v e / C o i n I m p / e t c . s o m e t h i n g . c o m s o m e t h i n g . c o m = 1 2 7 . 0 . 0 . 1 n o t c o i n h i v e . b i z
  24. 24. Less intrusive and more profitable ways…
  25. 25. The Home (or office) Network…
  26. 26. U s e r s s o m e t h i n g . c o m R o u t e r P i H o l e S e r v e r A d v e r t i s i n g S e r v e r s C o i n h i v e / C o i n I m p / e t c . D N S R e q u e s t
  27. 27. U s e r s E v e r y t h i n g E l s e s o m e t h i n g . c o m R o u t e r P i H o l e S e r v e r A d v e r t i s i n g S e r v e r s C o i n h i v e / C o i n I m p / e t c . D N S R e q u e s t
  28. 28. Cryptodust Collection
  29. 29. Mobile Faucets
  30. 30. Many variations Mostly popular coins
  31. 31. Micro transactions Time Delay
  32. 32. CAPTCHA bbbboooooo….
  33. 33. It worked!
  34. 34. Until it didn’t…
  35. 35. Web Faucets
  36. 36. CAPTCHA again? c’mon!
  37. 37. Trading and Signal Groups
  38. 38. Pump Dump
  39. 39. Pump Dump
  40. 40. h t t p s : / / c r y p t o - c o i n . w e b s i t e / p u m p - d u m p - c r y p t o c u r r e n c y / Who really wins?
  41. 41. Auto-Trading?
  42. 42. P y t h o nT w i t t e r A P I T r e n d i n g C r y p t o $ Ta g s G o o g l e C l o u d N a t u r a l L a n g u a g e A P I E m o t i o n s
  43. 43. P y t h o nT w i t t e r A P I T r e n d i n g C r y p t o $ Ta g s G o o g l e C l o u d N a t u r a l L a n g u a g e A P I E m o t i o n s G r a p h i n g a n d T r e n d A n a l y t i c s B i n a n c e S h a p e s h i f t
  44. 44. We’ve only just scratched the surface… • Smart Contract Attacks • Honeypot Wallets • Miner / Mobile App Reversing • Seed Busting • Private Key Collisions (LBC) • Headless browser-based mining via PowerShell • Wallet Hijacking • And much more…
  45. 45. Thank you! greg . foss [at] logrhythm . com @heinzarelli https://cryptohacks.io

×