We participated in the Intenational Capture The Flag (iCTF) 2013 contest, and our team finished at the 23rd¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬† position (out of 98)¬† (which is a big improvement compared to the last time when we finished at 36th out of 87).
The iCTF contest is a multi-site, multi-team hacking contest for students in which a number of teams compete¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬† independently against each other. It is organized by the University of California at Santa Barbara, and it is held¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬† once a year. It is important to emphesize that the iCTF contest serves educational purposes, in particular, students¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬† can learn a lot about computer security during the preparation for the contest.
Our team consisted of BSc and MSc students of the Budapest University of Technology and Economics, as well as¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬† PhD students and some other members of BME's CrySyS Lab. This was the second time we participated at iCTF, and¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬† the first (and so far the only) Hungarian team ever.
Finally, we are very thankful to our sponsors.
For this occasion, on 28 March, the CrySyS Lab will organize¬†a birthday party to celebrate these 10 successful years with the invited close friends and ¬†co-operating partners.¬†
Kaspersky Lab and CrySyS Lab carried out the first analysis of Miniduke, a new targeted malware attack, in a joint effort. A detailed report on the results of our joint investigation has been published by Kaspersky Labs showing the malware's operation, C&C infrastructure and communications. CrySyS Lab published a report that contains information on the indicators of Miniduke infections and gives specific hints on its detection. More information here:
http://www.reuters.com/article/2013/02/27/us-cyberattack-miniduke-idUKBRE91Q0OL20130227¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬† http://www.forbes.com/sites/kenrapoza/2013/02/27/old-school-malware-writers-resurface-with-miniduke-cyberattack/ http://www.origo.hu/techbazis/20130227-magyar-gepeket-is-tamadott-az-uj-kiberfegyver.html
The goal of the project is to develop a security framework that allows for the detection of targeted cyber attacks against critical infrastructures, and that supports the recovery from such attacks, incident handling, as well as forensic analysis aiming at determining the root causes and the impact of the incident.
According to the latest rumours beside Minibrake (a remote control device and a mini brake that has to be fixed on children bicycles to avoid accidents) the winner of the Kairos Student Venture Competition Tresorit (a cloud-based, secure file synchronising software) will be able to set up a booth also among the best student ventures of the world as part of the Kairos 50.
The Kairos 50 ventures are consisting the best ventures founded by university students from all around the world. The Founders of Tresorit and Minibrake will have the opportunity to meet and start working with global mentors like Bill Clinton or Bill Gates.¬† As a result of their previous track record (Tresorit and Minibrake have managed to get funding last year) we hope that the next Kairos Society success story is going to belongs to Hungary.
Tresorit, the spin-off of the CrySyS Lab, received an investement of 380 million HUF (~1.3 million EUR) from the venture capital fund Euroventures IV and 9 private investers. If you want to try the Tresorit system, subscribe for beta testing at the web site of Tresorit.
More info (in Hungarian): http://hvg.hu/Tudomany/20120925_tresorit_felho_titkositas
The sixth ACM Conference on Wireless Network Security (WiSec'13) will be held in Budapest in April next year. The General Chair of the conference is Levente Buttyan, and other members of the CrySyS Lab will also actively participate in the organization. Stay tuned, we will come back with the details later.
CrySyS Lab participated in the analysis of Flame.
Mark Felegyhazi won the Bolyai scholarship of the Hungarian Academy of Sciences.