A new use for blockchain: controlling botnets

Posted by agaran at 2020-02-26

Wednesday, June 27, 2018

Blockchain technology can be used to create mitigation-resistant botnet infrastructure

At the BSides conference in Tel Aviv on June 19, security researcher Omer Zohar demonstrated proof-of-concept code for building a full-featured command and control (C&C) infrastructure on the Ethereum network. By exploring the possibility of blockchain abuse, Zohar hopes to stay ahead of hackers and develop potential mitigation strategies.

Blockchain, a distributed ledger technology, can be abused to create a decentralized, distributed infrastructure that serves as the ultimate botnet C&C. Once a host is infected with bot malware, it automatically locates its controller and establishes and maintains communication with the C&C server. Cyber criminals of all kinds have been honing these functions for many years, trying to evade detection, maintain anonymity, and resist takedown actions by law enforcement.

Attacker techniques have evolved from simple HTTP requests, custom TCP protocols and encryption to the use of P2P networks, domain generation algorithms (DGA), fast flux (a technique that hides phishing and malware distribution websites behind rapidly switching proxies), and abuse of cloud services and social media accounts.

Although these techniques offer some flexibility and privacy, once the network topology has been determined, shutting down the whole operation is only a matter of time. Blockchain-based technology, however, can be abused to overcome this weakness. The high availability, authentication and anonymity that botnet operators want can all be obtained through blockchain technology, which makes a blockchain-based C&C infrastructure resistant to mitigation and takedown. All of this makes blockchain technology attractive for building botnets.

However, the approach is not all upside; like everything else, it has both advantages and disadvantages. Zohar found that the first disadvantage of applying blockchain technology to botnets is the high operating cost. Every byte a user sends to the blockchain has to be paid for, so every bot needs to spend a certain amount of Ether. As the value of cryptocurrency rises, the cost of operating a botnet becomes a heavy burden for hackers.

Zohar's research, entitled "Blocked chain: is blockchain the ultimate malicious infrastructure?", was explained in the talk. Zohar studies how blockchain, AI and other emerging technologies advance the infrastructure of malicious network activity, along with the corresponding mitigation measures.

Code and details: