Threat Intelligence/Operations

OpenBullet: The Automated Imitation Game

Virtual Breakout October 7, 2020 1:00 pm - 1:40 pm

Bookmark and Share

Using highly sophisticated, commercially available attack tools like OpenBullet, Snipr MBA, and BlackBullet has dramatically simplified the act of committing fraud through account takeovers, fake account creation, or other automated attack. With GitHub repos, curated user forums, and thousands of predefined attack configs available on the web, bad actors can easily target retail and hospitality sites with automated bot attacks. If a predefined attack config for your company is discovered, how should you react?

Speakers provide tips and techniques learned on the front lines to help you uncover the existence of an attack config, then demonstrate how it is used in OpenBullet, providing pointers on how to use OpenBullet to your mitigation advantage. Discussion topics for the talk will include:

  • Researching Attack Configurations
    • Forums
    • Attack tools
    • Using the power of Google
  • Real World Threats
    • Fake Account Creation (Why this is valuable to the threat actor)
    • True “ATO” and how the accounts are exploited
  • Turning the Tables: OpenBullet Deep Dive
    • How it works and demo
    • Use it to your advantage: stop the attacks
  • Using OpenBullet Findings to Prevent Attacks
    • Wrap up and Q&A
Retail and Hospitality ISAC