Trick or treat? Unveil the “stratum” of the mining pools

Back to the list of Speakers and Sessions
In this presentation we explain how to hunt for cryptomining malicious activities, focusing on detection of collaborative work using the stratum protocol.

In the world of cryptocurrency-related malware, mining botnets are a growing threat for organizations. It is also not unusual today to have banking malware, ransomware, or spyware embedding cryptomining capabilities.

In this presentation we explain how to leverage publicly available sources for hunting cryptomining malicious activities. We focus on a common behavior of such malicious activities: using collaborative work to mine cryptocurrencies.

All the tools and scripts detailed in this presentation are or will be available in a GitHub repository: https://github.com/kwouffe/