August 03, 2018

DEF CON 26 Talk — Protecting Crypto Exchanges

by Jscrambler

DEF CON 26 Talk - Protecting Crypto Exchanges From a New Wave of Man-in-the-Browser Attacks

Las Vegas is eagerly awaiting the world’s leading security companies and professionals for Black Hat USA 2018 (and, as you probably know, we’ll be there!). But that’s not nearly the end of it.

As has become a tradition, Black Hat USA is immediately followed by another gigantic conference — DEF CON, a meeting place for hackers from across the globe. DEF CON 26 will host several leading talks on security, and we’re thrilled that our CTO, Pedro Fortuna, will be doing a talk on protecting crypto exchanges.

The Talk

If we take a look back at the last 12 months, we can spot a massive increase in the value of cryptocurrencies. This, coupled with the emergence of hundreds of new coins and ICOs, got millions of people into a true investment frenzy.

A significant portion of entrants in cryptocurrency trading were non-technical consumers that were hyped into creating accounts on the most popular crypto exchanges like Coinbase or Bitstamp. This resulted in exchanges experiencing meteoric growth like never before.

Coinbase User Numbers - 2017

Crypto exchanges present an obvious appeal to attackers, who have had an eye on these platforms for a long time. With the crypto frenzy of 2017, we started seeing these platforms targeted by Man-in-the-Browser (MITB) attacks. [Sidenote: we have a comprehensive guide on MITB here].

Known malware families, including Zeus Panda, Ramnit, and Trickbot are already aiming at websites such as Coinbase.com or Blockchain.info. This leads us to this talk: Protecting Crypto Exchanges From a New Wave of Man-in-the-Browser Attacks.

Pedro Fortuna will detail how these attacks work, from account takeover to sending the coins out to attacker-controlled wallets. He will also discuss current defenses (e.g. multi-factor authentication or strong SSL encryption) and why they are failing to mitigate this type of attack.

The talk will take place Friday, August 10th at 2 pm in the Packet Hacking Village.

The Speaker

Pedro Fortuna is Jscrambler’s CTO and Co-Founder. He leads the technical vision for the product suite and contributes his cybersecurity expertise to R&D.

Pedro holds a degree in Computing Engineering and an MSc in Computer Networks and Services and has over a decade’s experience researching and working in the application security area.

He is a regular speaker at OWASP AppSec events and other cybersecurity conferences and contributes to web development events. His research interests lie in the fields of Application Security, Reverse Engineering, Malware, and Software Engineering. Pedro has also authored several patents for application security.

Final Thoughts

Whether you’re going straight from Black Hat USA 2018 to DEF CON 26 or just looking to attend the latter, Las Vegas is the place to be right now.

Jscrambler at Black Hat USA 2018

We’re bringing our mission to keep JavaScript applications safe to the cryptocurrency space, and it’s the right time to understand how to keep crypto exchanges safe from attackers. By attending Pedro Fortuna’s talk, you’ll get a practical view of security in Fintech and learn how the industry’s players can seek to overcome emergent threats.

Curious for more? Say hi to Pedro while you’re there!

Update: Talk Recap

After an incredibly hot week in Las Vegas, we take the time to recap Pedro Fortuna's DEF CON talk.

The talk attracted quite a sizable crowd, which followed Pedro's explanation of how attacks on crypto exchanges are conducted and how attackers manage to withdraw coins to external wallets without the users' knowledge.

DEF CON 26 - Pedro Fortuna's Talk

Pedro was kind enough to provide his presentation's slides, so feel free to take a look.


On November 14th, 2018, DEF CON officially released the video of the talk, which you can watch below: