OWASP LA Monthly Dinner Meeting - Nov 20, 2019

TOPIC: Thinking about making $3000 a month in a work from home job? It's a scam. Disrupting a money mule network

SPEAKER: Liam O'Murchu

BIOGRAPHY: Liam O’Murchu is a Director with the Security Technology and Response group with the Symantec Enterprise Division at Broadcom. Over the past 15 years O’Murchu has investigated and responded to the most sophisticated cyber attacks to ever emerge, from professional cyber-criminals targeting financial institutions, to government backed threats targeting critical infrastructure. His analysis of Stuxnet uncovered its true objective, to disrupt uranium enrichment in Iran. The analysis detailed how sophisticated attacks on critical infrastructure are carried out in the modern era. The analysis is featured in the book, "Countdown to Zeroday" by Kim Zetter and the "Zerodays" feature film documentary by Academy award winner Alex Gibney, which was shortlisted for best documentary at the Academy Awards in 2017.

A frequent speaker on T.V., radio and in printed press, O'Murchu has continued to analyze threats from election hacking to financial heists to espionage and to represent that research to the public. Most recently O’Murchu testified at the trial of a group of malware authors he tracked for 12 years, where the authors were found guilty of 21 counts of computer abuse and financial fraud charges. He continues to work closely with law enforcement to identify and apprehend malware authors.

In 2012 O'Murchu was awarded the ISSA’s President’s Award honoring exceptional contributions to the security community.

ABSTRACT: We've all seen the ads for work-from-home schemes often accompanied by a picture of a cheque for thousands of dollars and a testimonial from a happy employee who only worked a few hours a week to earn the money. These legitimate looking ads are often fronts for money laundering services. Working with the FBI, Symantec recently disrupted a botnet that made extensive use of such work-from-home schemes. This talk looks in detail at one specific instance of such a scheme where we gained visibility into every detail of the scheme, from recruitment, to conversations with the ‘employees’, and ultimately, to the criminals behind the scheme. Vast technical and social skills are needed to operate such a scheme successfully while evading law enforcement. This talk shows the dangers of such schemes and how security researcher cooperation and information sharing brought down such an operation.

THANKS to our host SERVICE TITAN for providing the venue!

ATTENTION SPONSORS: YOUR NAME COULD BE HERE
Check out sponsorship opportunities here
https://www.meetup.com/OWASP-Los-Angeles/sponsors/