Attention! The workshop is provided in English only. To take part
you have to register and be accepted by the speaker(s). Registration form:
https://goo.gl/forms/cgOVit362uam6xaM2In February 2018 Cisco released details of a 6-month investigation into the use of phishing in Bitcoin wallet thefts and malware campaigns. The investigation, named
COINHOARDER, provided insights into these new methods by utilizing whois data and domain registration patterns.
Using live access to Cisco’s OpenDNS threat intelligence interface, this workshop will provide an overview of the investigation. Then attendees will apply similar tools and hunting patterns to find new attacker constructions.
Prerequisites and tools needed:
1. Basic knowledge of DNS, HTTP, and HTTPS.
2. A laptop with Python installed.
3. Attendees will receive a temporary OpenDNS API key for threat hunting during the class.