ThotCon, short for Three One Two Conference (Chicago’s area code is 312), is one of Chicago’s few hacking conferences.

This was my first security conference, and I wasn’t sure what to expect, other than to walk away more educated and (probably) more scared. Success on both counts. I also had a preconceived vision of what the crowd would look like: a cross-breed between Linux beards, and someone dressed up for Comicon. While there were some interesting-looking people there, most were just your regular, everyday normal guy/girl. (Except that one dude with nuclear green hair and a belt made of bullets. He checked all the boxes for “looking the part”, and he was also a super-nice guy to boot.)

My favorite session was “Crimewave 101” by Vyrus that was just downright scary. He (cough, allegedly) coded up a fake ransomware, posted it on Reddit at 11pm the night before, and by roughly 3pm, he had received over $2,000 in in payments. The fee to “unlock” their files was only $5. That means over 400 people downloaded & ran a random executable AND proceeded to give away their credit card information. It was only a fake ransomware, since, as he clearly stated, he likes living in the US and would prefer not to go to jail - he didn’t actually encrypt anyone’s files, or charge their credit cards.

<disclaimer>The story above is hearsay and may, or may not have happened. I have no evidence to indicate that said actions ever took place. </disclaimer>

I’m definitely going back next year, if only to hit up the lock pick village that I didn’t have a chance to check out this time around.