Ekoparty 2025: a quantum computer is showcased, public Wi-Fi is tested, and Mercado Libre explains how it fights employee account theft.

On the final day of Ekoparty , the hacker conference held in Buenos Aires for 21 years, three researchers from Mercado Libre spoke about how to prevent corporate account theft. A quantum computer , a rarity in the tech world, was also unveiled, and the "hacker joy train" tested the security of the city's public networks.

This morning, Ivan Casanova, Rodrigo Kociuk, and Ignacio Janeiro, three security analysts at Mercado Libre, explained a model for monitoring employee logins. Account compromise (or account takeover, in technical jargon) is one of the main risks facing companies: cybercriminals target corporate account passwords to infiltrate systems, steal information, and, in some cases, extort money from the organization or its employees.

At the beginning of the talk, global statistics were provided: attackers not only use phishing , but also purchase stolen credentials to try to evade security controls, a practice that increased the stock of leaked passwords by more than 160% year-over-year. The data is also marketed for multiple criminal purposes .

They also noted that artificial intelligence (AI) is facilitating the personalization of these attacks: “The average time to detect and respond to these incidents is alarming: 241 days, with an average associated cost of $4.4 million ,” the researchers said.

According to them, current market tools are not sufficient for a company the size of Mercado Libre, which is why they developed their own system: the system is based on the idea that each employee has a unique usage pattern, a sort of "digital fingerprint," which allows the level of risk to be determined.

"Let's say we have a developer named Ana who works from Colombia. If she logs in from another country, or at unusual times, the system automatically detects these anomalies," they suggested. To do this, they use " machine learning models, statistics, and behavioral rules," that is, parameters that denote how a user regularly behaves.

This customization allowed them to reduce false positives and respond to suspicious access in near real time, they explained. "Our goal was to prevent an attacker from ever causing an incident: they could log in, but they couldn't do anything with that access ," they summarized.

At the end of the talk, Clarín asked if FIDO-type authentication keys add a layer of protection: they are physical devices that function as a second authentication factor and increase the complexity of a potential attack. The researchers responded that they do significantly help mitigate the risk. "They should be complemented with behavioral detection and phishing exercises ," they added.

Quantum security is a cutting-edge area of ​​development that addresses a threat that doesn't yet exist, but is being developed at a theoretical level: when quantum computers become powerful enough, they will be able to break some of the most widely used encryption algorithms on the internet today, such as RSA or ECC (Elliptic Curve Cryptography, used by apps like WhatsApp).

This is what is known as "Q-Day" (or "Quantum Day") , the name given to the hypothetical moment when a computer is powerful enough to break the security of many of the encryption systems we use today.

One of this year's new villages was the Quantum Village , which takes its inspiration directly from DEF CON , the world's largest hacker conference held annually in Las Vegas. Carlos Benítez, an engineer and master's student from the National Technological University (UTN) , is one of the organizers of the space: "I contacted them, and not only did they help me, but they also invited me to give a talk at DEF CON this year. There we were able to see how it works from the inside, and we're trying to replicate that in Argentina to some extent," he told Clarín . The computer was provided by Víctor Macarrein, also a member of the local Village.

"When sufficiently powerful quantum computers exist (estimated within four or five years) , they will be able to break different types of encryption , such as 'secure' internet access (the lock we all rely on). This means we could access a third party's home banking system by falsifying a certificate, making the system believe it was generated by the bank when in fact it was generated by an attacker," explained Benítez, also CTO of Platinum Ciber.

“To counter this, companies must begin migrating to other systems that are resistant to attacks from these types of computers as soon as possible. In 2024, new algorithms were approved that are immune to these attacks, known as PQC ( Post Quantum Cryptography ). Some companies have already done so, such as the secure messaging app Signal, which already works with post-quantum algorithms,” Benítez added.

The computer was found in the center of the exhibition and does not look like any traditional home computer:

These devices are often difficult to access: “There are computers worth hundreds of millions of dollars, such as those from IonQ, IBM, Google, Microsoft, Righetti, Quantinium, etc., that are only found in specially conditioned data centers, as they operate at temperatures that reach almost absolute zero (-273°C) , even lower than those in outer space.”

"But there are others that operate at room temperature, but their technologies aren't scalable, so they're manufactured solely for educational purposes. One of these was the one we showcased at the Ekoparty Quantum Village so the community could have the opportunity to see and experiment with a quantum computer that they could see live, not just in photos," the specialist concluded.

One of Ekoparty's annual activities is what's known as " Wardriving ," a hacker "joy train" that goes out into the city to test the security of public Wi-Fi networks.

Connecting to a public Wi-Fi network (such as those found in bars, airports, or plazas) can be useful, but it also carries risks . These networks are often poorly configured or unsecured, opening the door to attacks such as password theft, personal data theft, or even spoofing legitimate websites.

To reduce these risks, modern networks have begun incorporating a new security standard called WPA3, the successor to the traditional WPA2 . This system better encrypts the information traveling between the device and the router, making it difficult for an attacker to intercept or decrypt it.

“This year we detected more connections with WPA3, which is good news because there are more routers with this technology, which improves the security of connections on open public networks,” Tomás Giordano, one of the organizers along with “Matt” and “Oszi,” explained to this media outlet.

"I find it interesting to add new technologies and raise awareness among internet service providers about how they provide the service," he added.

"Providers give you bad routers, block your access, and don't let you configure them. The problem with that is that it shows a lack of education. Wardriving's idea is to raise awareness about this space: just as a user worries about their home locks, why wouldn't they take the time to consider their router? " Oszi asked.

On the other hand, the hacker explained that oftentimes, "hacking WiFi networks is the gateway to the world of hacking. Scanning networks, understanding how they work, and determining whether they're insecure is a way to build community and learn from each other ," he concluded.

Ekoparty concludes, as usual, with awards presented for the hacking competitions held over the three days of the conference and recognition of individuals and teams that contribute to disseminating and growing the cybersecurity community in the region.