NOMINATION HIGHLIGHTS

HUMAN Security’s Vice President of Threat Intelligence, Lindsay Kaye, creates and executes on the company’s strategic vision and participates as a researcher and malware analyst on the Satori Threat Intelligence and Research Team. Her technical specialty spans the fields of malware analysis and reverse engineering. Over the past year, Lindsay has led critical efforts in two major Satori investigations.

The first, BADBOX 2.0, involved the China-based ecosystem behind the original BADBOX campaign. The next-generation scheme involved off-brand devices powered by the Android Open Source Project, such as connected TVs, cellphones, and aftermarket car infotainment systems, with a backdoor installed, which allowed threat actors to deploy various fraud modules. BADBOX 2.0 infected more than 10 million consumer devices across 222 countries and territories, up from 74,000 in the original BADBOX.

HUMAN worked with Trend Micro, Google, and the internet security group Shadow Server to neutralize as much BADBOX 2.0 infrastructure as possible by sinkholing the botnet. Lindsay led HUMAN’s involvement in the threat intel sharing task force with Google, which included disseminating findings to the FBI. The FBI later released a public service alert to warn the public about the BADBOX 2.0 botnet. Lindsay also conducted some of the reverse engineering on the native code for the backdoor. The investigation garnered widespread coverage reaching over 2B views.
Lindsay also played a significant role in the investigation of Phish ’n’ Ships, a fraud operation centered on fake web shops that abuse digital payment providers to steal consumers’ money and credit card information. The threat actors infected more than 1,000 websites and built 121 fake web stores to trick consumers. Researchers estimate losses of tens of millions of dollars over the past five years, with hundreds of thousands of consumers victimized. The TODAY Show featured it due to its threat to the broader public.