Our team is always interested in and actively seeking out recent cyber attacks, which have been occurring more and more frequently around the world, whether it be the British Airways SQL Injection, where actors used malware by the name of Magecart that compromised 380,000 booking transactions, or the Chinese-made rootkit browser hijacker CEIDPageLock, discovered by the Google Chrome Browser, redirecting users to a malicious site at the URL 2345.com. Our primary focus is to find solutions to new vulnerabilities and/or exploits as they appear in the wild, and even to get ahead of vulnerabilities before they can be exploited.
What it does
Ultimately we want to use both the Auth0 and HERE APIs to create an official Google Chrome Browser extension. The extension would have the user authenticate every time they went into the browser, with either location via Geofence or a multi-layer authentication method thanks to the Auth0 API. The main goal of the extension is to prevent malicious executable files from accessing your web browser and to eliminate Web Browser Hijacking.
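One way the geofence-or-multi-layer decision described above could be made, as an added example that is not the project's own code. The function names, the 60-second freshness limit, the fence format and the sample coordinates are all assumptions, and no Auth0 or HERE call is shown.

```javascript
// Added example: constructed sample fence; thresholds are assumptions.
const EARTH_RADIUS_M = 6371000;
const MAX_FIX_AGE_MS = 60 * 1000; // assumed freshness limit for a location fix
const SAMPLE_FENCES = [{ name: "home", lat: 38.8977, lon: -77.0365, radius: 150 }];

// Great-circle distance in metres between two {lat, lon} points (haversine).
function distanceMeters(a, b) {
  const rad = (deg) => (deg * Math.PI) / 180;
  const dLat = rad(b.lat - a.lat);
  const dLon = rad(b.lon - a.lon);
  const h = Math.sin(dLat / 2) ** 2 +
    Math.cos(rad(a.lat)) * Math.cos(rad(b.lat)) * Math.sin(dLon / 2) ** 2;
  return 2 * EARTH_RADIUS_M * Math.asin(Math.sqrt(h));
}

// Decide which check the extension should require before unlocking.
// fix: {lat, lon, accuracy (m), timestamp (ms)}; fences: [{name, lat, lon, radius (m)}]
// Every uncertain case fails closed to the multi-layer ("mfa") path.
function requiredAuth(fix, fences, now) {
  const usable = fix && [fix.lat, fix.lon, fix.accuracy].every(Number.isFinite);
  if (!usable) {
    return { method: "mfa", reason: "no usable location" };
  }
  const age = now - fix.timestamp; // NaN or negative (future) ages are rejected too
  if (!(age >= 0 && age <= MAX_FIX_AGE_MS)) {
    return { method: "mfa", reason: "stale location" };
  }
  for (const fence of fences) {
    // Inside only if the whole uncertainty circle of the fix fits in the fence.
    if (distanceMeters(fix, fence) + fix.accuracy <= fence.radius) {
      return { method: "geofence", reason: `inside ${fence.name}` };
    }
  }
  return { method: "mfa", reason: "outside all fences" };
}
```

A location reported by the client is a weak signal on its own, which is why a coarse, stale or missing fix here always falls back to the multi-layer path rather than unlocking.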
How we built it
Because of the time constraint, we knew that building an entire website on top of everything else wasn't realistic. In order to give a good demo of our idea, we used GitHub Pages to temporarily act as our webpage. We incorporated both the Auth0 and HERE APIs to provide the security we were aiming for.
Challenges we ran into
Being able to incorporate two APIs into one. Finding an API that would provide us with multi-layer authentication at little to no cost and be compatible with the here.com API.
Accomplishments that we're proud of
Being able to tackle a real-world exploit being used in the wild and actually being able to provide a realistic solution to prevent similar attacks in the future. Our creation is something that functions seamlessly both for personal use and when widely distributed in a corporate setting. For example, a DOD contractor working remotely from his house or an entire business building.
What we learned
We were able to break down multiple campaigns being used against some of today's major companies, and the ins and outs of how foreign/domestic actors are finding these vulnerabilities. The most common one we saw being taken advantage of was buffer overflows due to poor coding. This allows malicious code to be attached and executed because of data spilling out. We also learned how to use Geofence in a way similar to Samsung's Smart Lock technology, and not how it's commonly used by big companies for big data analytics.
What's next for test
We eventually want to have our program available as a Google Chrome extension, allowing all types of users to have an additional layer of defense against malicious attacks.