Upcoming Event: Association of Certified Fraud Examiners - Washington DC Metro Chapter

Tuan Phan will be presenting on the topic titled "How Colonial and JBS Ransomware Hackers Made their Getaway" to the Washington DC Metro Chapter of ACFE on February 17, 2022 between 3:05 PM and 4 PM.


Event Page: https://acfedc.clubexpress.com/content.aspx?page_id=4002&club_id=850702&item_id=1644859


The presentation is a comparative analysis of various investigative techniques using Bitcoin onchain data and applied that to recent and well-known cases of ransomware. The presenter will reconstruct the ransom events and provide specific investigation techniques such as follow-the-money, address attribution research, IP deanonymization and other methods to describe what have taken place, The presenter will discuss the key difference between the JBS hack to Colonial Pipeline hack and how the FBI was able to recover in one case but not the other. The presentation will be great technical learning opportunity for cybersecurity professional and blockchain investigators and enthusiasts on the various blockchain investigation techniques.

Learning objectives:

  • Learn how to conduct onchain analysis using OSINT blockchain solutions and tools.

  • Learn how to interpret and build transaction flow diagrams to perform follow-the-money analysis.

  • Pick up advanced forensic techniques such as onchain queries and IP deanonymization.