DEF CON 23 [Audio] Speeches from the Hacker Convention
Zack Allen & Rusty Bower - Malware in the Gaming Micro-economy
16 Oct 2015
Materials available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Zack-Allen-Rusty-Bower-Malware-In-Gaming.pdf

Malware in the Gaming Micro-economy

Zack Allen, Lead Research Engineer, ZeroFOX
Rusty Bower, Information Security Engineer

Microeconomics focuses on how patterns of supply and demand determine price and output in individual markets [1]. In recent years, micro-economies have flourished within the video game industry. Companies like Valve rely heavily on a business model that depends on gamers making purchases of in-game items. Players can trade these items in bulk for a rare item, make bets on a competitive gaming match, or gift the item for a charity event. While originally well-intentioned, creating these micro-economies also created an incentive for criminals to scam and even steal from unsuspecting victims.

Traditional scams date as far back as games like Diablo or Runescape, where players were duped in trade windows and in-game messaging systems were used to steal items. These low-tech strategies are effective, but recently a new, high-tech scam strategy has emerged that relies on malware specifically targeting the Steam micro-economy.

Over the last year, we have collected and reversed dozens of samples of malware that target Steam users. Pieces of malware can be sophisticated RAM scrapers that pilfer an item in memory and send trade requests through the Steam trading API, or as simple as a remote login service. The end result is the same: the hacker loots the victim's backpack of in-game items to sell them on the market for profit. This talk focuses on the techniques we have found in these samples, surveys of victims of these scams and the distribution of money lost from them (up to thousands of dollars for users in some cases), and the defenses Steam has put in place to combat this hacker underground.

Zack Allen is an RIT graduate, majoring in Information Security. He is also an alum of the Advanced Course for Engineering (ACE) held at AFRL every summer. After working for a government contractor, he joined the exciting startup world and is currently a Research team lead at ZeroFOX. His security specialties include research and development, threat intelligence, tool creation and red teaming.

Rusty Bower graduated from the Rochester Institute of Technology with a degree in Information Security. He has been employed at Lockheed Martin and Palantir Technologies tackling a variety of security challenges. His experience is mainly focused on security operations, incident response, tool development, and infrastructure management. He is currently an Information Security Engineer in the Los Angeles area, tackling security challenges at scale.