What would happen if you had over 60 servers processing thousands of theft attempts from high-value accounts and high net-worth indiciduals? What if these servers showed an insiders level of understanding of banking transactions? What if all this fraud actually did not look like fraud? What if this system actually relied and depended upon two-factor authentication to accomplish its fraud?

Welcome to Operation High Roller: an ongoing fraud campaign that has targeted upwards of 1 Billion Euros.

This session will dissect and discuss the nastiest parts of High Roller: the web injects and the automated fraud servers we identified and analyzed during this project. Prepare to question your existing conceptions of server-side malware automation and multi-factor authentication as we explore 2FA-enabled fraud.
 

Dave Marcus

Dave Marcus is responsible for communicating the security expertise of McAfee Labs to customers and the greater security community through blogging, podcasts, online and print publications, and even tweeting. Marcus is responsible for all of McAfee Labs’ publications, including McAfee Security Journal, and serves as blogmaster for McAfee Labs Security Blog. He is also co-host of AudioParasitics, the official podcast of McAfee Labs.

Marcus has extensive experience in network solutions and IT security, with a focus on advanced intelligence gathering, digital forensics, intrusion detection and prevention, and network and host analysis. Prior to joining McAfee, he held leadership and consulting positions in IT security services, network solutions, enterprise management, knowledge engineering and management, and research and development program management. Marcus served as president and senior security engineer of SecureNET’s network security practice, and worked for Ajilon Consulting, SmartForce, CBT Systems, HAS, and CompuSolve. He is a qualified expert witness in computer forensics and computer security, and is also a sought-after speaker at information security industry conferences.

Marcus holds a bachelor’s degree in philosophy from Florida Atlantic University and has completed extensive training in advanced intrusion analysis methods, penetration testing, vulnerability assessment, and computer forensics.

 

Back to Derbycon 2012 video list