Wednesday 2 October 14:30 - 15:00, Red room
Jakub Souček & Radek Jizba (ESET)
Telekopye is a Swiss Army knife for turning online marketplace scams into organized illicit businesses. Dozens of groups with up to thousands of members each utilize it every day to steal millions from 'mammoths', as they call the targeted buyers and sellers. 'Neanderthals', as we call the scammers, require little to no technical knowledge – Telekopye takes care of everything in a matter of seconds.
Thanks to collaboration with law enforcement and several of the online marketplaces targeted by Telekopye, we were able to gain unique insight into the whole operation. One of the most shocking discoveries was that some Telekopye groups, instead of employing cybercriminal wannabes, threaten people in difficult life situations and force them to perform these scams. This chilling fact puts the whole operation into a completely different light. We were also able to better understand the online marketplaces’ defence capabilities, which we will briefly share with the audience. Additionally, we helped those marketplaces further strengthen their defence based on what we learned from Neanderthals’ internal documentation (obtained by infiltrating their ranks).
Join us on a journey exploring these scams from the attacker’s perspective. Telekopye is designed to target a large variety of services (OLX, Vinted, eBay, Wallapop), mainly in Europe and North America. It offers advanced features to its users, which we will demonstrate – fully automated phishing web page generation, an interactive chatbot with on-the-fly translation, and anti-DDoS protection of the whole phishing domain, to name a few. Telekopye groups have expanded their targeting recently – they have added support for scam scenarios aimed at users of popular online platforms for hotel reservations. According to our telemetry, this scam type seems to be the most popular one currently. We will demonstrate how this scenario works and how to detect and prevent it.
As the best defence against these scams is awareness, as well as our demonstrations, we will provide a comprehensive guide to evading the Neanderthals’ spears.
![]() |
Jakub Souček Jakub Souček is a senior malware researcher at ESET with almost 10 years’ experience in the field. He currently leads ESET’s crimeware research team located in Prague, Czechia, focused on battling with ransomware. He has also managed botnet disruption collaboration efforts with external partners and law enforcement and has experience with APT research as well. Besides that, he focuses on in-depth analysis of malware and long-term tracking of prevalent malware families. His past speaking experiences include conferences such as Virus Bulletin and Botconf. In his free time, he enjoys watching TV series and listening to music and is a big LEGO fan.
|
![]() |
Radek Jizba Radek Jizba graduated from the Computer Security program at FIT CTU in Prague in 2022 and started working at ESET. Since 2023 he has been working as a malware researcher with a focus on crimeware. He has spoken at several local events. In his free time, he likes to go paragliding, kiteboarding, or do some similar sports. |
Back to VB2024 conference page