Kaspersky SAS 2017

Kaspersky SAS 2017 was so much fun! We met some very interesting people and made a lot of connections with people. So much stuff to be seen and heard. I couldn’t be prepared for what happened!

Everything from ATM hacking to drone hacking was done there. Lani kicked ass as always, she had her own sweet dancing performance that everyone loved and our talk. We came in as newbies and became superstars at the end. We are very humble by it all. We were invited again next year.

Both of us were so nervous making sure our talk was successful. “When Smart Medical Devices Become Our Worst Nightmare” There was a lot of stress this time, mostly because we were speaking with smart people at top companies.

In the end, we won the best speakers award and the most interesting talk award. It wasn’t easy but nothing is easy in life. We ended the trip with a lot of partying.

I didn’t take many pictures, but I do have footage of the conference. So there may be a video or two later :D. You can find pictures somewhere on the interwebs.

I see a bright and awesome future for us thanks to our hard work. Lots of ideas and many more conferences. Stay tuned for more.

The research will come in later blog posts.

Kaspersky SAS 2017 Video

Here’s the short film that Lani and I made that won us 2 huge awards at the Kaspersky Security Analyst Summit! It represents the actual hacks that we’ve performed on my wheelchair and the “self-driving” segment is a demonstration of something we’ve actually accomplished.

Premise: “Stephen is coding his chair to become intelligent. He wants the chair to help him with daily tasks. The chair becomes so smart that it is able to upload him into the chair’s MCU & turns evil. The chair begins to create malware that is able to infect other devices. The only thing the chair needs to complete this is Stephen’s “master key” which he left with his assistant Lani.

The chair is “hunting” Lani to get the master key & Lani must hack the wheelchair via side channel attacks to break the lock on the microprocessor, dump the firmware, and save Stephen. While she is in there, she must find possible vulnerabilities in the R-Net Bluetooth module. This would allow us to upload new firmware (using master key) that permits other devices to remotely control the chair. This allows them to regain control of the MCU and escape.”

Stephen Chavez
Cyber Security Researcher

Cyber security researcher; Takes world adventures with friends. Focusing on malware development and analysis.