2025-09-27 –, Off-Main Track
Ever wondered what it's like to investigate a phishing campaign? Do you just grep the IOCs and call it a day? But what if you go further, how deep do you go? If you stop at the first email, what are you actually achieving and does doing that actually help? What if investigating further results in the operators abandoning the entire phishing-as-a-service operation?
In this talk, I'll be speaking about the journey and process I took to investigate a previously unknown phishing-as-a-service group that lead to the operators completely shutting down their entire operation within days of publishing the report. I'll be going through some of the opsec failures, source code snippets, as well as other fun facts and examples about how threat actors make the same mistakes we do.
Justin is a speaker with a remarkable background in Network Security. After gaining his degree in Network Security and working as a forklift driver for a few years, he is now working as a Security Engineer. Justin regularly competes in Capture the Flag events where he improves his skills and knowledge. Despite living with ADHD, or perhaps because of it, he has developed an unquenchable thirst for cybersecurity knowledge.