TruSTAR announced that it will present the only blockchain search tool selected for both research villages at Black Hat and DEF CON 2018, two of the largest and most highly regarded computer security conferences in the United States.
The research tool, "White Rabbit", provides near real-time contextual knowledge of a specific ransomware campaign, monitoring increases or decreases in its activity by detecting the Bitcoin transaction rates associated with the attack.
Threat researchers and malware hunters can quickly determine whether a particular ransomware campaign is gaining momentum and prioritize the associated indicators of compromise (IOCs) to detect and block the attack. The White Rabbit tool aligns with TruSTAR's threat intelligence solutions, which enable companies to extract, enrich, display and prioritize threat information.
The head of data science, Nicolas Kseib, and the head of engineering, Olivia Thet, will demonstrate how the public Bitcoin ledger can be exploited to track emerging malware and ransomware campaigns. The research demonstrations will take place at the Mandalay Bay Convention Center and Caesars Palace in Las Vegas from 11 to 11 August.
Data from the public Bitcoin ledger can be used as a traction marker for malware because Bitcoin is often the method of payment in ransomware campaigns, owing to its pseudo-anonymous nature and the ease with which it can be transferred across state and national borders.
TruSTAR is the first threat intelligence platform to track Bitcoin addresses as an indicator of compromise (IOC).
"As the blockchain evolves and potentially plays a more important role in cyberattacks, the security community will have to dramatically rethink current adversary tracking concepts," said Nicolas Kseib, Lead Data Scientist at TruSTAR.
"We are fighting the wrong fight in trying to deanonymize the blockchain – we should instead look at the bigger picture," said Olivia Thet, TruSTAR Software Engineer. "Security analysts using TruSTAR are much more interested in the way Bitcoin wallet addresses correlate with the other IOCs they are tracking than in who is actually implementing ransomware campaigns."
To create the blockchain dataset, the TruSTAR data science team collected a list of seed Bitcoin addresses involved in illegal activities. Using these addresses as a starting point, the researchers identified a group of linked "dirty" addresses that could be traced to determine whether a ransomware campaign is gaining momentum.