DEF CON 33: Argentines reveal router flaws, North Korean malware, and explain quantum cybersecurity

Argentina was once again present at DEF CON, the world's most renowned hacker conference, held annually in Las Vegas since 1993. Highlights included various researchers presenting on router flaws that allow unauthorized access, a "North Korean virus zoo," and the latest advances in quantum cybersecurity.
The talks took place in different "villages," which are spaces dedicated to different areas of knowledge about the Internet, applications, systems, and hardware.
Last year at DEF CON 32, the Faraday Security research team of Octavio Gianatiempo and Gastón Aznarez exposed a series of security flaws affecting at least 500,000 routers from the Taiwanese brand DrayTek.
“The previous talk discussed several vulnerabilities that allowed an attacker to persist on a network undetected,” Gianatiempo explains to this outlet. “Now, following other bugs detected by another security team, we've found two new critical vulnerabilities that allow initial access to the router. Combined with last year's flaws, this creates the ideal scenario for an attacker to enter undetected,” he adds.
Gastón Aznarez and Octavio Gianatiempo of Faraday explain how to exploit routers. Photo: Juan Brodersen
"It has a significant reach due to several factors: the large number of potentially vulnerable devices, users' habit of not changing default passwords, and the lack of transparency of the operating system, which can hide new vulnerabilities," Gianatiempo explained when they discovered this bug. This year, they reported new findings about this potential attack on devices.
Faraday has a track record of talks and reported vulnerabilities at DEF CON: in 2023, they published research on how to modify the video stream of an Ezviz camera model that sells widely in Latin America. In 2022, they gave a talk on one of the main stages about a critical flaw in the development system of Realtek, a semiconductor manufacturer; the flaw affected routers around the world, including some of the best-selling models in Latin America.
In addition, a few days earlier they presented at Black Hat a device for testing the security of modern cars.
Mauro Eldritch, researcher and threat analyst, at the "Malware Village." Photo: Juan Brodersen
Another of the researchers who spoke was Mauro Eldritch, a threat analyst specializing in malware (viruses) and advanced threat actors. With a background in cyberintelligence, his own company dedicated to analyzing leaks (BCA LDT), and extensive experience with North Korean viruses, the analyst compiled a series of studies on programs associated with that country and explained the dangers they pose in the current threat landscape.
"The idea of the talk was to demonstrate how North Korea's four main threats work. They are malware considered cyberweapons because they are used by a dictatorial regime for international corporate and economic espionage," the analyst explained to this outlet.
What was interesting about the talk was that it addressed a widespread problem: multinational companies that are unwittingly hiring infiltrated spies. "We showed how these viruses are distributed. Through fake job interviews, or fake calls to major players in the financial sector, posing as investors," he added.
Eldritch also spoke at the Data Duplication Village (a place where data is copied and people learn about how storage drives work) about how applications like Google Calendar can become an attack vector: “No one is going to review the traffic circulating in a calendar, and that's precisely why it becomes an attractive attack vector for a cybercriminal.”
And earlier this week, he demonstrated at BSides Las Vegas, another security conference running in parallel with Black Hat, how to encrypt subcutaneous implants with ransomware.
Carlos Benítez, quantum cybersecurity specialist at Platinum Ciber. Photo: DEF CON
Quantum security is a cutting-edge area of development that addresses a threat that does not yet exist, but is being developed at a theoretical level: when quantum computers become powerful enough, they will be able to break some of the most widely used encryption algorithms on the internet today, such as RSA or ECC (Elliptic Curve Cryptography, used by apps like WhatsApp).
This is what is known as "Q-Day" (or "Quantum Day"), the name given to the hypothetical moment when a quantum computer is powerful enough to break the security of many of the encryption systems we use today.
Carlos Benítez, an engineer and master's student from the National Technological University (UTN), spoke at the "Quantum Village," where research into quantum security is explored. "In the world of cybersecurity, Shor's (and Grover's) algorithms captured everyone's attention, but there are and could be other cybersecurity applications in which quantum computing could be used. In the talk, I presented some basic ideas on how to address cybersecurity problems without needing to understand the physics of quantum systems," the specialist explained to Clarín.
Additionally, Benítez, CTO of Platinum Ciber, showed examples "of the propagation of cybersecurity risks using publicly available quantum computers." His presentation resembled a university lecture, but with a very introductory tone to lower the barrier to entry. This October, they will bring the space to Ekoparty, a hacker conference in Argentina.
InfoSecMap, a conference guide. Photo: Juan Brodersen
The connection between Argentines and the hacking community grows stronger every year, as there are always different investigations and contributions from the River Plate region. This year, "InfoSecMap" was also launched, a free and collaborative platform that unifies conferences, events, and groups related to cybersecurity and hackers.
Created by Walter Martín Villalba, an Argentine who has lived in California for over 10 years and works at the OWASP Foundation, the app has grown over time to bring together worthwhile presentations, talks, and competitions, in a context where there are increasingly more spaces to discuss and practice hacks. It also has a Latin American version, which was presented at "La Villa Hacker," a space where Latin American hackers present at DEF CON.
Argentine researcher Mariano Marino also gave a workshop on reverse engineering in that village. "We leave security in the hands of easily vulnerable devices, such as alarm sensors and gate automation systems: the talk aimed to give someone without prior knowledge everything necessary to determine whether these devices are secure," he explains.
He specializes in “hardware reverse engineering,” a process that infers how a device works by disassembling and studying it, something that “can become tedious without a methodology to aid in the process,” Marino says.
The badge granting access to the conference. Photo: Juan Brodersen
DEF CON is one of the world's largest hacker conferences. It serves as a laboratory for technology, vulnerabilities, and exploits of everything that surrounds us in today's increasingly interconnected world.
It started in 1993 with just 100 people, when Jeff Moss was 18 years old. As it grew, it led the hacking community to create other conferences, such as BSides Las Vegas (which started with the DEF CON holdouts) and Black Hat, which is more corporate-oriented but has a strong technical component.
The three conferences take place in early August and make up what is known as the Hacker Summer Camp.
Year after year, nearly 25,000 hackers from around the world gather in Las Vegas, Nevada, to present their research on how to breach everyday systems, applications, and programs. Technology companies often take action and fix these security issues.
Hackers are a community of technology enthusiasts who explore how systems, whether programs or physical devices, work, disassembling or breaking them to understand and modify or improve them.
DEF CON features talks, hacking competitions, lockpicking (techniques for opening locks), and more than 30 "villages," spaces dedicated to hacking cars (every year a Tesla is found to have vulnerabilities), military radios, and even satellites. Others are more software-specific, but geared toward different sectors, from digital payments to red team exercises (attacking networks or systems), data duplication, and password theft.
As has been the case for the past two years, artificial intelligence is often featured in many talks and competitions, such as the one held by DARPA, the U.S. Department of Defense agency tasked with developing new technologies for military use. Participants are invited to hack AI models or find vulnerabilities—like the one an Argentinian found this year at Black Hat—for a monetary reward. This year, a team from Atlanta took home the prize: $4 million.
The foundation of DEF CON is to share knowledge about hacking, but above all, to strengthen the community. "Do criminals attend the convention? Yes, they also attend school, work, and are in government," the organization answers on its FAQ page.
Clarin