How not to get hacked during Consenus NYC 2018 (or any other conference)

Marsmensch
May 9, 2018 · 4 min read

This article is a brief but hopefully still useful hints and best practices that helped me not to get rekt deeply, even though i have a long history of attending security conferences like the famous https://www.defcon.org/, https://www.blackhat.com/us-18/ or http://www.ph-neutral.org/.

Image for post
Image for post
“Hacker Jargon” by Jeremy Keith is licensed under CC BY 2.0

Nobody can give you a guarantee, but there’s a lot of things you can do yourself to reduce your risk during (imho) the most dangerous days of the year of your crypto trading career.

Is attending a cryptocurrency related conference a risk?

I am practicing to think like a hacker for years. If you are a blackhat hacker targeting some of the new crypto traders, a conference like Consensus 2018 is one of these great times of the year where you get a lot of opportunities to pwn one or multiple attendees in many different ways with a lot less effort. Especially in regards to social engineering attacks.

Rule #1 Bring a sterile machine

Depending on your preferences, you might want to stick on an iPad. Personally, i do a full backup of my main notebook reinstall it from a clean medium. Install only the bare minimum you need. If you are presenting, bring nothing but the presentations. This is also an excellent opportunity to test your backup & restore strategy on a regular basis ;-)

Rule #2 Don’t use the conference Wi-Fi to connect to the Internet

Just don’t if you can. If you are prompted to install a patch or update, be really cautious. Odds are that it will be malicious. Activate airplane mode and check for text messages and missed calls on a regular basis. For example, only check your work email in your hotel room or while taking a walk.

Image for post
Image for post
“Hacker humor.” by Aaron Muszalski is licensed under CC BY 2.0

Rule #3 Mobile devices stay in your hotel room

Use a burner phone (a cheap, disposable cell phone) during the conference. Turn off Bluetooth, Wi-Fi and NFC on all your devices Make sure none of your applications can automatically turn them on. Setting up a fake cell tower is a piece of cake nowadays and your number is transmitted in clear text.

Rule #4 Use a VPN to encrypt all communication

Limit Internet access to essential functions only and use a VPN on all devices. I recommend a service provider with a great track record as ProtonVPN.

Rule #5 Contactless is bad

Leave any radio-frequency identification (RFID/NFC) enabled devices, such as your work badge, passport or fancy contactless credit cards in your hotel room. These cards can be cloned by anyone in close range to you. Get a specially shielded envelope if you have to carry these cards for some reason.

Rule #6 Anything USB is scary, avoid it!

Do not accept storage devices, USBs or files from people you don’t know. DO NOT charge phones, computers, or other devices in public charging stations. There are known attacks involving these stations. Get a portable battery pack instead.

Rule #7 Keep a low profile

This should be pretty straightforward. Avoid any unnecessary attention in the public. Don’t wear a shirt with your portfolio printed on it. Be mindful of whom you are talking to, and what you’re talking about. Especially if you are meeting someone for the first time.

Summary

These are the more important things to take care of. Follow these 7 simple (and tbh, surely annoying) rules and you will greatly reduce your exposure to potential hacking attempts.

Addressing these risks is important, but don’t forget you are at the conference to learn about the new & cool stuff, meet some new friends or even professional contacts.

Image for post
Image for post
“victory” by Damian is licensed under CC BY 2.0

Enjoy the time in NYC, see you there!

tales from the crypt(o)

staking, masternodes and tales from crypto land

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store