Proxyjacking for Profit: The Latest Cybercriminal Side Hustle
Vložit
- čas přidán 5. 08. 2024
- Talk by Allen West
www.socallinuxexpo.org/scale/...
In the evolving landscape of cyber threats, proxyjacking for profit is emerging as a silent adversary. While the cyber realm is familiar with hijacking resources for cryptomining and conventional malicious uses of proxies, exploiting victims' bandwidth for direct and tangible profit is a newer challenge. This presentation delves into the intricacies of proxyjacking and its challenges for cybersecurity defenders. Attendees will gain insights into its prevalence, potential future trajectories, and, crucially, defensive measures to combat this under-discussed threat. - Věda a technologie
Is this new? I suspected proxyjacking the first time I saw a service named “residential proxies”
Great talk loved the breakdown
I see proxyjacking as a risk to the victims, as high risk traffic could be tunneled to these unsuspecting victims.
Exactly
Hello did you inform the the libyan company of there website ? I am in libya now and very interested in investigating it
I really miss the old linode logo !
fr
im hearing impaired and the transcript is hard to search through. is this vulnerability involving modifying DNS requests via the proxy end?
I just started watching so i can't answer, but maybe you could benefit from a strategy I use to study: I copy and paste the transcript into an AI and ask it questions
@@CyberSnakeEater You verify the answers the AI gives you?
Via the proxy end? It's just using infected machines as proxies and selling their access.
Yeah IU cant read his overhead stuff on a very large screen in 4k :[
A proxy is similar to a VPN for changing different static or dynamic IP's. The only difference difference is that a VPN also encrypts the DNS requests. I'm using a proxy every day for my business to access certain sites, because changing IP's forces me to log in an verify it again the IP again. It's a completely legit use.
A proxy does not inherently promise encryption. All VPN connections provide encryption. Just make sure you use the correct protocols!
@@bobbyrandomguy1489 - That what I said, a proxy is just for changing IP's. But with 99% of websites nowadays the actual traffic is encrypted via HTTPS/TTS. The only things a VPN is better at, is hiding DNS queries so an attacker won't know the url/IP of the sites you're visiting. Honestly I don't trust either proxy and VPN services, could be honey-pots all we know. "Trust me bro, no logs!" lmao
@@bobbyrandomguy1489tell that to lemons vpn after they sold all their customers information to a Chinese web company.
This claim is false
A VPN completely replicates the network stack and encapsulates it in an encrypted way, while a proxy just forwards requests for you and acts as man-in-the-middle
16:35 no thats not the right hackernews 😭
Please move the mic away from the center of your mouth bro..
W
This is evil
This talk is easily 14 years out of relevance.
That would mean something if vulnerabilities 14 years out of relevance werent still being exploited for fun and profit
@@andrewferguson6901 Fun and profit is a dog-headed point of view. Do you think you are better than a dog?
The most successful hackers are god-headed political idealogues with tragic tales; not run of the mill crooks or goons.
Political idealogues look at crypto and networking technology companies and sees it for what it is. State-sponsored fascism with a bunch of pretty graphs.
If you can't learn to understand the motives of your adversaries you can never hope to stop them, much less compete with them.
Low-brow attacks like what this talk covers only exists because this country is one large honeypot.
Hackers know better than professionals what is real and what is not.
eh not really, some is old info but most is pretty current
If it's not patched or moot it's relevant
Entirely useless talk, save you time.
not true
This is 15 years late
@@frag0638 proxyjacking has been a thing pretty much from the day smartphones became popular, I wouldn't call it "the latest side hustle"
How is it useless it’s still being used? If a computer has malware anything is possible if it’s ud