Goodbye Memory Scraping Malware: Hold Out Till "Chip And Pin”

DEF CON 23

Presented by: Weston Hecker
Date: Friday August 07, 2015
Time: 11:00 - 11:50
Location: Track Four

Proof of concept for stopping credit card theft in memory skimming operations . Alternative methods of stopping credit card skimming

I am leading project on Free Open Source software that attacks POS skimming malware. Launching platform and concept for stores to not be low hanging fruit In effect making it no longer possible to sell credit card numbers from skim breaches. Better collection of forensic data with cannery features (such as putting flagged card into memory so if it is skimmed it will be flagged at processor and catch the breaches much faster)Injects 1-500 false random CC numbers for every one legitimate CC number that is entered. In effect making stolen credit card batches harder to sell. I will go in detail of how criminals Steal and sell credit cards at this time. This is a software for making credit cards numbers harder to steal in the methods that have been happening in larger breaches Target, Home Depot.

Weston Hecker

10 Years Pen-testing, 11 years security research and programming experience. Working for a security Company in the Midwest, Weston has recently Spoken at DEF CON 22 and over 40 other speaking engagements from telecom regional events to Universitys on security subject matter. Working with A major University's research project with Department of Homeland Security on 911 emergency systems and attack mitigation. Attended school in Minneapolis Minnesota. Computer Science and Geophysics. Co-Author of "SkimBad" Anti-malware framework Found several vulnerability's in very popular software and firmware. Including Microsoft, Qualcomm, Samsung, HTC, Verizon. Return to Top


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats