NorthSec 2021

David Décary-Hétu

David Hétu est cofondateur et chef de la recherche de Flare Systems. David est titulaire d'un doctorat en criminologie de l'Université de Montréal. Ses principaux intérêts de recherche portent sur les marchés illicites en ligne et l’impact de la technologie sur la criminalité, que ce soit du point de vue des délinquants ou du point de vue du législateur. Les recherches de David ont été publiées dans les plus grandes revues académiques (ex. British Medical Journal) et présentées lors de conférences de premier plan (Botconf, HOPE). Il est régulièrement invité à partager son analyse de la cybercriminalité dans les médias. David a développé l'outil logiciel DATACRYPTO pour surveiller les activités des délinquants sur le darknet et a codéveloppé l'outil logiciel BitCluster pour suivre les transactions de cryptomonnaies.

The speaker's profile picture

What is your title?

Chief Research Officer

What is your company/affiliation(s)?

Flare Systems

Website (full URL)

https://flare.systems

Twitter account (full URL)

https://twitter.com/ddhetu/

LinkedIn profile (full URL)

https://www.linkedin.com/in/david-d%C3%A9cary-h%C3%A9tu-70229841/


Sessions

05-21
09:40
30min
Unmasking the Cameleons of the Criminal Underground: An Analysis From Bot To Illicit Market Level
David Décary-Hétu

Large corporations have access to sophisticated anti-fraud systems that monitor dozens of signals each time a customer or employee logs into their web portal. Past investigations have shown that malicious actors use malware to build profiles of their victims, and create virtual environments that replicate precisely the victims’ computers’ fingerprints. These profiles can be loaded up in specially crafted browser plugins and used in account takeover attacks. These profiles are sold on private markets and can fetch in the hundreds of dollars when they also include the cookies and credentials of the victims for financial institutions. The aim of this presentation is to map over a period of a month all of the Canadian activities of a machine fingerprint market. Our analysis extends past research first by developing a new understanding of how, and which, Canadians are targeted by this type of attack. Secondly, it presents models that predict not only the price of profiles for sale but also which profiles will end up being sold among the thousands that are for sale. We present estimations for the Canadian market for profiles for sale, and propose hypotheses as to the size of the impact of these illicit activities.

Malware
Main stream
05-21
11:25
40min
Malware & geopolitics
Warren Mercer, Marc-Etienne M.Léveillé, Vitor Ventura, David Décary-Hétu, Ofir Shaty, Sam Quinn, Sarit Yerushalmi

Q&A and discussion for the malware block, hosted and moderated by Marc-Etienne M. Léveillé. Questions will be gathered from the audience during the four prior talks.

Malware
Main stream