DECENTRALIZED MALWARE ON THE BLOCKCHAIN presented at BlackHatAsia 2015

by Vitaly Kamluk, Christian Karam,

Summary : The blockchain is the public ledger stacking all bitcoin/altcoins transactions. It is constantly growing as "completed" blocks are automatically added to it with a new set of records. The blocks are added to the blockchain in a linear and chronological order. The blockchain has complete information about the addresses and their balances right from the genesis block to the most recently completed block through the mining process. Depending on the crypto-currency and the implementation of its protocols, there would be a fixed open space, where data can be stored, referenced or hosted on the blockchain within encrypted transactions and their records. This very versatile nature of the blockchain offers great opportunities for future innovation especially in decentralized systems.
The research focus revolves around the threat of embedding decentralized chunks of malware on the blockchain by either hosting it or referencing it with cascaded pointers. Transactions and data are encrypted throughout the blockchain networks using different versions of public/private key encryption. Could malware survive eternally inside crypto-transactions? A proof of concept will be explained highlighting the concerns revolving around the "abuse and bloating" of the blockchain while comparing it to previous malware hosting and deployment models.
In this talk, INTERPOL will frame the scope of this future threat and provide potential solutions for a threat surrounding the blockchain technology.