Crouching Miner, Hidden Exfil Video

Everyone is aware of the idea of alert fatigue and the unfortunate reality of overworked and undertrained analysts. What happens when attackers start to focus on that reality as a point of failure? I would like to show you how simple it is, using minimal time and open-source tools, to attack analysts’ assumptions. In this talk, we’ll explore how we can edit an open-source miner to make it fileless, and then use it to exfiltrate data.