Nikita Tarakanov

Nikita Tarakanov

Independent Security Researcher

Biography

Nikita Tarakanov is security researcher, who has worked for Intel, Positive Technologies, VUPEN Security, CISS and independently. He likes writing exploits, especially for Windows NT Kernel and won the PHDays Hack2Own contest in 2011 and 2012. He also tried to hack Google Chrome during Pwnium 2 at HITB2012KUL but failed. He has published a few papers about kernel mode drivers and their exploitation and is currently engaged in reverse engineering research and vulnerability search automation.

Mohamed Saher is Security Researcher with over 10 years of experience specializing in reverse engineering, windows internals and mathematics. My work and research spans numerous areas, including native software protection, copy protection technologies, virtualization, malware and
exploitation. In my spare time I enjoy contributing to various reverse engineering forums, solving crackmes and math problems. You can find me in OpenRCE, Project Euler, woodman, crackmes and so forth. I have spoken in various security conferences such as BlackHat, ZeroNights, BSidesHH,
DefCON SkyTalks and CISCP (Department of Homeland Security USA) and many more.

Ahmed Garhy is a researcher specializing in web based exploitation attacks, data analysis, and distributed systems. In my spare time, I enjoy analyzing web based exploitation and obfuscation techniques and contributing to open source projects that aid researchers and developers in their analysis.

Stranger Danger

In an ever-connected world, people all around the globe are freely surrendering their personal information and privacy over to the helms of the social media giants with unprecedented trust. We are quick to not only share our biographies and interests with complete strangers through these social media platforms, but in the process, have also managed to redefine the traditional definition of a friend. Our blind trust in social media platforms to protect our information have allowed us to forgo the age-old warning of ???stranger danger in our search for fame and popularity, in meeting new people, or in the never-ending quest of finding true love.

But what happens when this information falls in the hands of the wrong people? What if the social media platforms have not done as good of a job as they claim in protecting our personal information? In protecting us from criminals, stalkers, and others that mean to cause us harm?

In this presentation, we identify some flaws in one of the most popular social media platforms used globally today and demonstrate how an attacker can not only retrieve information about its users, but also track their location and movements around the globe. We also demonstrate through a study experiment how to extract information from people unknowingly and in the process, identify users that tend to use the platform for committing fraudulent acts like misappropriation, prostitution, and pedophilia.

But not everything has to end on a negative note. We conclude by demonstrating how law enforcement could possibly use this same data to their advantage to find criminals that may be active on the platform.

back to top