A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Unblockable Chains – Is Blockchain the ultimate malicious infrastructure? - Omer Zohar Converge 2018 (Hacking Illustrated Series InfoSec Tutorial Videos)

Unblockable Chains – Is Blockchain the ultimate malicious infrastructure?
Omer Zohar
 

As Crypto coins and Blockchain technology gain more traction in recent years, it brings promise of creating a decentralized, distributed and transparent economy which aim to disrupt the centric based approach current organizational structures.
But can it also be abused? Certainly, crypto coins has been the currency of choice for transactions on the dark web – But what about the underlying technology, the Blockchain? Could this distributed ledger, the global Blockchain, be abused for some nefarious purposes, such as building a resilient infrastructure to command and control malicious activities?

In this principal research, we demonstrate a POC of a fully functional C&C infrastructure on top of the Ethereum network – Currently the second largest public blockchain which also offers a distributed computing platform featuring smart contract (scripting) functionality.

Managing a botnet is a problem in distributed computing. While covertly inserted into an unknown environment a bot must discover and make contract with its operator and maintain contact over a long period. Over the years many attempts were made to devise the perfect scheme to discover, transfer and receive data without being detected and taken down. From plain O’ HTTP requests, thru DIY TCP Protocols and encryption and up to using fancy P2P networks, DGAs, Fast Flux or cloud services. All had their pros and cons and eventually a way to detect them was found. Will Blockchain prove as a better solution?

In this talk, which will include many code examples and a live demo, we will discuss:

* How can the blockchain solves the ‘first contact’ problem?
* How to deal with the fact that all data, code and transactions are publicly visible on the blockchain?
* What is the footprint of running a blockchain node on the client and how to minimize resources?
* Cost analysis: Is it feasible financially to run a botnet at scale on top of a blockchain?
* Is it takedown resilient? Can an adversary take interrupt or take over the network? Or cause its resources (ether) to deplete? What are the design pitfalls to mitigate such concerns?
* What information will be revealed to someone tracking the bot? how do you deal with it?
* Does it scale?

Finally, we will try to offer possible mitigations and detection methods.

 

Back to Converge 2018 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast