During the conference festivities, there will be a bunch of demonstrations showcasing all kinds of hacker tools, security services, and engineering studies. Two developers from the intelligence platform firm Trustar will be revealing a new 'early warning system' called White Rabbit that detects emerging ransomware campaigns that utilize the Bitcoin Core (BTC) network for ransom payments.
A New Blockchain Surveillance Tool Called White Rabbit Will be Presented at the World's Largest Hacker Conference
Right now, many tech-savvy enthusiasts, cyberpunks, and hackers are gathering in Las Vegas to attend two well-known tech-conferences: Defcon 2018 (Caesar's Palace), and Black Hat Arsenal (Mandalay Bay). This year's events will feature all types of mobile jailbreaking and rooting techniques, opsec methods, online certificate abuse, DDoS attacks, and drone technology, but only one demonstration that ties to cryptocurrencies. During the visit, people will be able to see a tool created by the intelligence platform Trustar's lead developers, Olivia Thet (engineering) and Nicolas Kseib (data science), which tethers illicit ransomware crimes to bitcoin transactions. The tool is called White Rabbit and the developers claim it provides a "near real-time contextual awareness of a specific ransomware campaign." Essentially White Rabbit monitors bitcoin transactions associated with these types of crimes allowing investigators the ability to tag specific transactions.
Clean and Dirty Addresses
According to the demonstration summary, White Rabbit is a three-part model that first starts by collecting BTC addresses and classifying them as "clean" or "dirty."
"The second part is to test the classification models using this dataset and propose decision metrics to optimally pick a model. In this part, we will also discuss ideas about how to compute expensive, but important features obtained from transaction data stored on a graph database," explains the Trustar developers.
In the third part, we will show how to use the obtained optimal model to predict if an address is "dirty". Finally, we will discuss our challenges when solving this problem and propose solutions to overcome them.