Simulated money laundering was this year’s task at the annual “International Capture The Flag” (iCTF) hacking contest. 87 teams made up of computer science students from around the world, including 14 from Germany and three from Austria, competed in the eight hour tournament, organised by the University of California Santa Barbara (UCSB). There was just one UK entry, that scored zero points. The We_0wn_You team from the Vienna University of Technology’s Seclab took first place, overtaking the team from NRU ITMO in St. Petersburg, which had led for much of the competition. In third place, a respectable distance behind the top two, was the FluxFingers team from Germany’s Ruhr University of Bochum.
Each team started with an identical system image with a range of outgoing services, such as email and SMS gateways. The objective was to patch the security vulnerabilities in these services, to defend the system from attacks and to keep it up and running. Teams earned ‘dirty funds’ by performing tricky tasks. To launder this money and exchange it for clean points, teams were required to steal hash values from other teams’ systems. The exchange rate applied when converting money to points was modified depending on the level of security of the team’s system (defence level).
Detailed news link: here