Polina is an undergraduate student at Belarusian State Economic University (BSEU) where she is studying at the faculty of International Business Communication for a degree specializing in Intercultural Communication. In her spare time she enjoys drawing, music and travelling.
New report, prepared by INTERPOL and Kaspersky Lab, suggests that the bitcoin blockchain is spreading malicious files around the web.
According to the report, conducted by INTERPOL cyber threat researchers, together with Kaspersky Lab expert, the bitcoin blockchain could be used by hackers to deliver illegal data, such as child abuse images.
The researchers warned that the space provided in every transaction could be utilized to distribute malware to the users of digital currency network.
The blockchain is an underlying technology behind bitcoin, which records every transaction ever realized. The problem is that it accepts any type of content, no matter if it is a bitcoin transaction or not. So instead of recording the transaction, the blockchain uploaded malicious files.
“The design of the blockchain means there is the possibility of malware being injected and permanently hosted with no methods currently available to wipe this data. This could affect ‘cyber hygiene’ as well as the sharing of child sexual abuse images where the blockchain could become a safe haven for hosting such data,” the Kaspersky’s research reads.
“It could also enable crime scenarios in the future such as the deployment of modular malware, a reshaping of the distribution of zero-day attacks, as well as the creation of illegal underground marketplaces dealing in private keys which would allow access to this data.”
Another problem is that it is quite difficult to remove the malicious code and, theoretically, it could be stored in the blockchain forever.
Each computer or server, running cryptocurrency software, automatically uploads the blockchain. This means that every computer, involved in bitcoin mining, is affected by malware, which is downloaded together with the technology.
“The core principle of our research is to forewarn about potential future threats coming from decentralized systems based on blockchains. While we generally support the idea of blockchain-based innovations we think that’s it is our duty, as a part of security community, to help the developers make such technologies sustainable and useful for the purpose they were intended for,” said Vitaly Kamluk, Researcher at Kaspersky Lab.
“We hope that bringing potential problems to light now will help in improving such technologies in the future and will make it more difficult for them to be used for any malicious purpose,” he added.
The issue has arisen important questions about the security of the technology and the bitcoin network. Given the fact that it is vulnerable to hacker attacks, the more serious attack with larger number of computers affected could come.
“The use of the blockchain for command and control of malware is even more difficult to control, because the instructions can be encoded in a way that looks opaque to everyone except the malware itself. There is no good solution for this; it’s a price we have to pay for freely transmitting information,” Emin Gün Sirer, bitcoin researcher at Cornell, told Forbes.