Do C&C through a blockchain? C’mon, you could do better Interpol!

On a recent Forbes article one can read Interpol claiming that Bitcoin’s blockchain offers a safe heaven for malware and child abuse. Sure it proved to be nothing more than propaganda.

First of all the article’s title is mostly unrelated to its contents. The article deals with using a blockchain to command and control (C&C) botnets, that is, inserting commands into the blockchain for bots to execute. Such has little to do with malware and child abuse. This alone tells us loads about the author’s motives and journalistic accuracy and about Forbes’ editorial guidelines.

Then, inserting commands into a blockchain seems nothing more than a plain stupid idea. As said on the article itself it would:

  • become expensive due to transaction fees, actually 0.0001 BTC for each 1000 bytes if done on Bitcoin;
  • turn the blockchain into a permanent record of the botnet’s administrator crimes.

Besides this, the botnet’s admin would also be crippled by the small amount of space available on blocks. Currently most Bitcoin miners discard transactions larger than 100 KB. and the maximum block size is 1 MB. Thus the admin can only insert simple commands into the blockchain. However, virtually all contemporary botnets are prepared to receive large payloads with new executable code. Those won’t fit easily inside blocks and require another communication channel. Nowadays botnets use Tor hidden services for that purpose. Therefore, if some other communication channel must be in place, why make things harder and more expensive, using a blockchain?

All this makes little sense both in terms of monetary costs and development effort.

Interpol is spending tax-payer’s money on Kaspersky researchers to find evil applications for blockchain technology and this is the best they can come up with?

Well, we will see if someone stupid enough comes around and explores this. If it ever happens my first suspect will be Interpol.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s