Vikas Parthasarathy
Vikas P is a Staff Investigator at HUMAN Security, specializing in ad fraud research, botnet analysis, and large-scale threat mitigation. With more than a decade of experience in the field, he has led the discovery of major botnet operations including VASTFLUX, BADBOX, and PEACHPIT. Formerly a Vulnerability Researcher at iSIGHT Partners, Vikas now focuses on developing advanced investigation platforms and detection signatures to automate the identification of emerging cyber risks and fraudulent automated traffic.
Session
Sometimes, you disrupt a massive fraud operation only for it to return bigger and stronger two years later.
That's what HUMAN Security found with the successor to the original BADBOX campaign. BADBOX 2.0 targets millions of victims with more backdoor variants, more fraud schemes, and more sophistication than ever before. The China-based threat actors created an entire fraud ecosystem, infecting over 1 million consumer devices with a backdoor in over 200 countries and territories. BADBOX 2.0 is the largest botnet of infected connected TV devices ever uncovered and represents a significant evolution in cybercrime in which multiple types of fraud co-occur.
This talk will dive into all of the details of BADBOX 2.0, including its interconnected nature, how threat actors target the entire customer journey, and how it can be impossible to thwart crimes like this without proper protection. HUMAN’s Satori Research team will present the technical intricacies, including the backdoor techniques, infection vectors, monetization strategies, and the infrastructure that enabled threat actors to hijack millions of devices worldwide, in addition to BADBOX’s implications for the Internet and how the company worked to stop it. We will also provide an update about what happened after the report was released, including how the takedown has progressed.