Education

You Were Almost Hacked: Inside The Red Guild’s 2023 Ethereum Argentina Security Campaign

Crypto conferences may seem exciting hubs for networking and knowledge, but they’re also hotbeds for attackers trying to scam or compromise devices. The Red Guild took this reality head-on by running an undercover security awareness campaign at Ethereum Argentina 2023, aiming to teach people how real threats operate-without causing harm.

Here’s what they did, what they taught, and how you can stay safer at future events.

What The Red Guild Did at Ethereum Argentina

Their goal: show how attackers could target attendees-but in a controlled, harmless way.

Campaign methods included:

Dropping USB sticks containing only safe files.
Placing QR codes linking to warning pages (not malicious sites).
Launching a phishing simulation with fake flyers, a deceptive coding challenge, and a cloned conference website.
Giving attendees a small “gift” download during workshops.
Setting up fake WiFi networks to demonstrate risks.
Tagging laptops left unattended and unlocked with warning cards.

At the end, safety tips were shared to help participants defend themselves better.

Dropping USB Drives

Attackers often leave infected USB drives lying around, hoping someone plugs one in and infects their device.

The Red Guild mimicked this by scattering pendrives featuring:

A README-FIRST.txt e-zine sharing hacker culture and advice.
Tips on repurposing USB drives for personal security (e.g., password manager keys).
An original cyberpunk 8-bit soundtrack named “Coast Guard,” made especially for the event.

No malware, just engaging content to raise awareness.

Planting QR Codes Around the Venue

Random QR codes at conferences can lead to phishing sites or malware downloads.

To illustrate this, The Red Guild plastered dozens of harmless QR stickers everywhere-on tables, posters, and even the venue map.

Scanning one took people to a simple page warning: “Curiosity is good, but don’t scan unknown QR codes blindly.”

Phishing Flyers: Realistic but Fake

To demonstrate social engineering, they designed professional-quality flyers that looked official:

One promoted the event’s agenda via a QR code.
Another offered a fake coding challenge with a “win a hardware wallet” prize.

These flyers were displayed openly-until caught and removed by the event’s staff.

Even a “SCAM ALERT” warning popped up in the official Telegram group, highlighting how convincing the setup was.

Fake Website and GitHub Repository

To back their phishing simulation, they cloned the official conference website under a similar domain name, using the same IP address to add credibility.

Their fake site included an “agenda” link that instantly downloaded a PDF with no user prompt-demonstrating how attackers can trick you into downloading files.

The site also “listed” The Red Guild as sponsors, adding to the illusion.

The GitHub organization “ethereum-argentina” hosted the coding challenge, appearing authentic and professional.

The “Dangerous” Coding Challenge

The challenge seemed legitimate, inviting participants to find vulnerabilities in smart contracts to win a prize.

But simply running the provided Foundry project silently downloaded the same PDF “ticket” from the fake agenda-no actual prize or harm, just a lesson in how easy it is to unwittingly get files dropped on your device.

Almost “Pwned” During a Workshop

In an Ethereum Argentina workshop on smart contract security, The Red Guild left a subtle script in the materials.

Using Foundry’s capabilities, the script silently dropped their PDF onto attendees’ machines-harmless, but a live demonstration of potential attack vectors.

Notably, a reverse shell command was included but commented out-showing restraint and responsibility.

Flagging Unattended, Unlocked Laptops

One glaring issue The Red Guild observed was the frequent sight of laptops left unlocked and unattended-an easy target for attackers.

They handed out and dropped custom-designed cards onto such laptops, warning users about their risky behavior.

This simple act sparked engagement and humor but also raised serious security awareness.

Playing with Event WiFi Networks

To simulate WiFi-related threats, The Red Guild set up fake and cloned access points during brief periods.

They never disrupted the event’s official networks but used this setup to show how attackers could trick people into connecting to malicious WiFi.

Publishing a Security Awareness Article

All the campaign’s elements linked back to an unlisted article explaining the experiments, urging participants to keep the initiative confidential until the event ended.

This article offered further details and reinforced best practices for staying safe.

Key Takeaways: How to Stay Safe at Crypto Events

While no single step guarantees safety, here are basic precautions to reduce risks:

Never leave devices unattended or unlocked.
Find private areas to use laptops and make sensitive calls.
Avoid bringing or using main crypto wallets at events.
Be cautious before signing transactions-verify all data and prefer low-value wallets.
Use privacy screen protectors.
Don’t connect unknown USB devices to your laptop.
Consider a dedicated, less sensitive device (e.g., a cheap Chromebook).
Avoid scanning suspicious QR codes without checking URLs carefully.
Don’t join open WiFis unrelated to event organizers.
Never run untrusted code outside isolated environments.
Be cautious about sharing sensitive info; verify people’s credentials over time.

What’s Next?

This campaign was The Red Guild’s first real-world security awareness exercise-and a successful blend of fun, education, and eye-opening examples.

They plan to expand and bring these activities to more conferences with even more creativity and impact.

If you organize crypto or security events and want The Red Guild to run a security awareness campaign at yours, reach out and get involved!

Stay informed. Stay protected. And enjoy conferences safely!

Subscribe to The Red Guild blog for more insights and stories from the frontlines of Web3 security.