BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.pass-the-salt.org//pts2026//speaker//TD9TLW
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-pts2026-SLJQQG@cfp.pass-the-salt.org
DTSTART;TZID=CET:20260701T173500
DTEND;TZID=CET:20260701T174000
DESCRIPTION:EtherHiding has recently been documented as a technique where a
 ttackers use blockchain infrastructure to host payloads or resolve command
 -and-control (C2) endpoints.\n\nIn this talk\, I present the analysis of a
  ClickFix campaign that goes one step further: using smart contracts not f
 or payload delivery\, but for victim tracking.\n\nBy reversing the client-
 side logic and analyzing on-chain transactions\, I show how victim identif
 iers are written directly to a BSC smart contract\, enabling attackers to 
 track conversions and control infection flow without traditional backend i
 nfrastructure.\n\nThis shifts the role of blockchain from passive infrastr
 ucture to active telemetry — a design that can also be leveraged by defe
 nders for visibility\, tracking\, and threat intelligence.
DTSTAMP:20260714T231740Z
LOCATION:Amphitheater 122
SUMMARY:Free Censorship-Resistant Infrastructure: When Malware Uses the BSC
  Testnet Better Than Web3 Startups - thomas
URL:https://cfp.pass-the-salt.org/pts2026/talk/SLJQQG/
END:VEVENT
END:VCALENDAR
