Analysis of the Cryptocurrency Marketplace
by Alex Heid
alex@hackmiami.org
Twitter: @alexheid
Web: http://www.HackMiami.org
Overview
This paper will go over the technical, economic, and social impact of cryptocurrencies such as Bitcoin and Litecoin. This document will go into a comprehensive level of detail about cryptocurrency technologies and protocols, as this is required to familiarize the reader with the principles behind the rapidly emerging open source economic ecosystem. Furthermore, emerging attack vectors of cryptocurrencies will be discussed, such as custom malware campaigns and targeted exploitation.
What is cryptocurrency?
At the time of writing, the concept of decentralized cryptocurrency is still in its infancy, having been conceived in January 2009 by a pseudonymous researcher going by the name Satoshi Nakamoto. The open source project known as Bitcoin was created on the proof-of-concept principle that transactions can be securely processed on a decentralized peer to peer network without the need for a central clearinghouse. Centralized management has always been a part of other digital forms of payment, such as credit cards or wire transfers. The nature of the open source cryptocurrency protocol does not allow for traditional disadvantages such as chargebacks or double spending due to the use of signed encryption keys, effectively removing fraud risk from the merchant.
The prominence and popularity of cryptocurrency technology has quickly spread through the general public as a means to store and transfer wealth, as well as engage in secure ecommerce. As with any new technology that generates rapid global interest, cryptocurrencies have been targeted by malicious actors seeking exploitation of the experimental nature of the protocol. These attacks have come in the form of data breaches, targeted attacks against end users, and state sponsored regulation.
Cryptocurrencies are physical precomputed files utilizing public key / private key pairs generated around a specific encryption algorithm. The key assigns ownership of each key pair, or “coin,” to the person who is in possession of the private key. These key pairs are stored in a file named “wallet.dat,” which resides in a default hidden directory on the owner's hard drive. The private keys are sent to users using dynamic wallet addresses generated by the users engaged in transactions. The destination payment
address is the public key of the cryptocurrency keypair. There is a finite amount of each cryptocoin available on the network, and the value of each unit is assigned based on supply and demand, as well as the fluctuating difficulty levels required for mining each coin.
The wallet.dat file is the most important file of the cryptocurrency software architecture, as that is where the physical cryptographic private key file is stored. Much like cash, if a user loses their wallet.dat file, or has it stolen, the cryptocurrency is lost.
The decentralized nature of the open source protocol ensures that the control of the network remains in the hands of the users. Transactions are dependent on participants in the network, and the user is responsible for the security of their own finances and data, without the need for reliance on third parties such as banking institutions.
Bitcoin operates as a p2p file sharing protocol, and therefore the concept is similar to .torrent technology. The p2p network relies on user participation for successful trusted data exchange. Each transaction is confirmed through key verification on multiple nodes in the network before reaching its destination. This crowdsourced key verification process guarantees the integrity of the data transfer.
The most popular cryptocurrency at the time of writing is Bitcoin, with alternatives such as Litecoin rapidly gaining market traction. The source code for these programs, as well as the code for other cryptocurrencies, is available on all major open source code repositories.
Types of Cryptocurrency
Bitcoin
The first cryptocurrency to emerge was Bitcoin (BTC), based on the SHA256 algorithm. This virtual commodity was conceptualized in a whitepaper written in 2009 by a pseudonymous author who went by the name Satoshi Nakamoto. Over the course of Bitcoin's first four years, the market price of a single Bitcoin has fluctuated from below $0.01USD to over $250USD. The highly volatile price has made Bitcoin an attractive investment alternative for traders seeking to profit from market speculation, while at the same time the market volatility has made long term investors and daily users hesitant to participate for long periods of time.
A single Bitcoin can be spent in fractional increments that can be as small as 0.00000001 BTC per transaction. The smallest increment of a Bitcoin is known as a Satoshi, named after the original whitepaper author. The protocol allows for incremental transactions in the event the value of BTC rises to the point where micro transactions will become commonplace. The rise in the value of BTC is
anticipated because there is a limit to the total amount of Bitcoin that will ever be created. Once the Bitcoin blockchain is completed, users can only circulate the coin that still exists on the network. As time goes on, Bitcoin will be lost and destroyed through daily use. The principles of supply and demand economics will come into play, increasing the value of remaining Bitcoin.
Bitcoin is currently the most reputable of all cryptocurrency, as it is the oldest, and has been the subject of mainstream media coverage due to rapid market fluctuations and an innovative technical concept. At the time of writing, Bitcoin can be interpreted as being the “gold standard” of cryptocurrency because all alternative cryptocurrency market prices are matched to the price of BTC.
Additional details about the history of Bitcoin can be found on the Bitcoin.org website and the official wallet. Bitcoin and other cryptocurrencies are also able to run as a daemon in the background as a headless server.
Fig 1.1 - Bitcoin-Qt splash screen
Fig 1.2 - Bitcoin-Qt wallet GUI
Litecoin
Litecoin (LTC) can be considered the “silver standard” of cryptocurrency, as it has been the second most adopted cryptocurrency by both miners and exchanges. Litecoin makes use of the Scrypt encryption algorithm, as opposed to SHA256. One of the goals of Litecoin was to have transactions confirm at a faster speed than on the Bitcoin network, as well as make use of an algorithm that was resistant to accelerated hardware mining technologies such as ASIC. At the time of writing, the Scrypt algorithm is resistant to ASIC mining due to intense RAM requirements.
The total amount of Litecoin that is available for mining and circulation is four times the amount of Bitcoin, meaning there will be quadruple the amount of Litecoin available to Bitcoin. Additional details about the history of Litecoin can be found on the official Litecoin website and the official
Figure 1.3 - 1.4 displays images of the Litecoin GUI wallet.
Fig 1.3 - Litecoin-Qt GUI splash screen
Fig 1.4 - Litecoin-Qt GUI wallet
Altcoins
“Altcoin” is a slang term for the dozens of project forks that have emerged within the cryptocurrency software development community. Altcoins are “forks” of either Bitcoin or Litecoin, meaning they make use of SHA256 or Scrypt encryption algorithms and feature their own unique properties. Names of various altcoins range from memorable to comical (Feathercoin, Terracoin, PPCoin, BitBar, ChinaCoin, BBQCoin).
The profitability of mining and trading altcoin varies on a daily basis. Some altcoins exceed the profitability of Bitcoin at times, while others are less profitable. It is believed by some cryptoeconomists that altcoins contribute to a diverse cryptocommodities marketplace, which is a good thing as there is more opportunity for speculative arbitrage and mining difficulty levels are spread over many different networks. Other cryptoeconomists disagree about the beneficial aspects of altcoins, arguing that overuse of the cryptocoin concept will dilute widespread adoption and restrict the use of the technology to speculative trade markets instead of daily commerce.
Figure 1.5 displays various logos for some prominent altcoins that are exchanged on various trading platforms. The altcoin software all have similar GUI interfaces to that of Bitcoin and Litecoin.
Fig 1.5 - A few examples of altcoin logos - PPCoin, Feathercoin, BBQCoin, IXcoin, Mincoin, Terracoin, Freicoin
Mining Cryptocurrency
The term “mining” is slang for the use of computational power to process transactions for a cryptocurrency blockchain in order to receive a reward of cryptocurrency for the effort. The computational power will come in the form of CPU processing or GPU processing. Miners are rewarded for successful “shares,” or completed computations, by receiving a payment with fees that are collected along the way by the p2p network. At the time of writing, the reward for a successfully completed Bitcoin block is 25 BTC and 50 LTC for a Litecoin block, and diminishes as the blockchain grows.
The computational power requirements differ depending on the encryption algorithm being used. SHA256 mining rates are measured in GH/s, whereas Scrypt mining rates are measured in KH/s. Figure 1.6 displays a screenshot of mining software actively processing the Litecoin at 1.2 Mh/s.
Fig 1.6 - CGMiner (2x GPU graphics cards @ ~625KH/s)
Solo Mining
Miners are able to use the computational power of their CPU or GPU to process transactions for the cryptocurrency network on their own, as opposed to pooling resources with other miners. The advantage of solo mining is that the miner would receive a full payout for a completed blockchain. The disadvantage to solo mining is that an increasing difficulty rate makes the chances of repeatedly completing a block with a valid share submission minimal. Solo mining is advantageous when cryptocurrencies are newly introduced, and becomes less effective as more miners join the network.
Some unscrupulous developers have been known to “premine” coins on a blockchain of a fork that they have developed in the hopes that they can corner their own market and sell the coins at a later date, earning a significant profit. The idea is that if the fork can be promoted enough to be adopted by an exchange trading platform, then the developers can unload premined cryptocurrency for a profit in a “pump and dump” fashion.
However, the nature of the public blockchain makes the tactic of premining transparent to those curious enough to investigate. Once a cryptocurrency community discovers the existence of premined coins, exchanges may become hesitant to adopt the fork, miners may drop from the network, and the value lowers as the supply and demand paradigm undergoes a shift.
Pooled Mining
Most miners make use of “mining pools” in order to maximize the efficiency of their computational efforts. A “pool” is software hosted on a web server, usually a VPS or dedicated server. Miners create accounts on the pool server and then add pool authentication credentials to the configuration files of their mining client software on local mining equipment. Once the mining client authenticates, it is able to share resources in the distributed computing network that will allow for a more efficient use of hardware.
The mining pool server will receive reward payments from the cryptocurrency network, and distribute the payment to miners based on the amount of the miner's computational effort accepted by the network. Most pools take a small percentage of the rewards and payouts in order to cover operating costs. Miners are aware of this, and generally have no issue with contributing in order to maintain the project.
Stratum Protocol
For miners with multiple mining rigs, some mining pools support the use of the “Stratum” protocol. Stratum is used to synchronize the computational effort of multiple mining rigs to reduce the chances of duplicate share submission, thereby maximizing efficiency of the miner's combined resources. Figures 1.7 - 1.8 display examples of well known mining pools for Bitcoin and Litecoin.
Fig 1.7 - Popular Bitcoin Mining Pool - DeepBit.net
Fig 1.8 - Popular Litecoin Mining Pool - Pool-X.eu
CPU Mining
Bitcoin and Litecoin could originally be mined with a CPU, however as difficulty rates increased this was no longer a profitable method. As ASIC and GPU accelerated processing is adopted for Bitcoin and Litecoin, new Altcoins continually emerge that satisfy the marketplace demand to be able to make efficient use of CPU processing power.
GPU Mining
At the time of writing, GPU accelerated mining is the most common method of the majority of cryptocurrencies. A single GPU is able to process the approximate equivalent of 44.64 CPUs (estimating 14KH/s or MH/s per CPU and 625KH/s or MH/s per GPU). Gamers, graphic designers, film editors, and password hash analysts are all able to make use of their existing hardware to efficiently participate in cryptocurrency mining. A hardware efficiency comparison is available on the official Bitcoin wiki https://bitcoin.it/wiki/Mining_hardware_comparison
Figure 1.9 shows a sample of what mining traffic looks like as it traverses the local network. The pool destination and cryptographic data is observable within the traffic, and is generally not bandwidth intensive. It is simply a JSON formatted POST request and GET request.
Fig 1.9 - Screenshot of cryptocurrency pooled mining traffic.
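Because pooled mining traffic is plain JSON on the wire, a network defender can flag hosts that mine without authorization. The following is an added example, not code from the paper: it assumes the conventional pool method names (`getwork` and `getblocktemplate` over HTTP POST, `mining.*` for Stratum), and the flows, addresses and worker names are constructed samples.

```python
import base64
import json

# JSON-RPC methods a pooled miner sends in HTTP POST bodies (getwork-style pools).
HTTP_MINING_METHODS = {"getwork", "getblocktemplate"}
# Stratum methods share this prefix (mining.subscribe, mining.authorize, ...).
STRATUM_PREFIX = "mining."


def parse_headers(head):
    """Map lower-cased HTTP header names to values (request line skipped)."""
    headers = {}
    for line in head.decode("latin-1").split("\r\n")[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def basic_auth_user(value):
    """Return only the user name (the pool worker) from a Basic auth header."""
    if not value or not value.lower().startswith("basic "):
        return None
    try:
        decoded = base64.b64decode(value[6:].strip(), validate=True)
    except ValueError:
        return None
    return decoded.decode("utf-8", "replace").partition(":")[0]


def rpc_method(raw):
    """Parse one JSON document and return (method, params), or (None, None)."""
    try:
        msg = json.loads(raw)
    except ValueError:
        return None, None
    if isinstance(msg, dict) and isinstance(msg.get("method"), str):
        return msg["method"], msg.get("params")
    return None, None


def classify(payload):
    """Describe mining traffic in one client-to-server payload, else None."""
    if payload.startswith(b"POST "):
        head, _, body = payload.partition(b"\r\n\r\n")
        method, _ = rpc_method(body)
        if method not in HTTP_MINING_METHODS:
            return None
        headers = parse_headers(head)
        return {"protocol": "getwork-http", "methods": [method],
                "pool": headers.get("host"),
                "worker": basic_auth_user(headers.get("authorization"))}
    # Stratum: newline-delimited JSON over a raw TCP socket.
    methods, worker = [], None
    for line in payload.splitlines():
        method, params = rpc_method(line)
        if method and method.startswith(STRATUM_PREFIX):
            methods.append(method)
            if method == "mining.authorize" and isinstance(params, list) and params:
                worker = str(params[0])
    if methods:
        return {"protocol": "stratum", "methods": methods,
                "pool": None, "worker": worker}
    return None


def scan(flows):
    """Group mining hits by internal source address."""
    alerts = {}
    for src, dst, payload in flows:
        hit = classify(payload)
        if hit:
            hit["dst"] = dst
            alerts.setdefault(src, []).append(hit)
    return alerts


# Constructed sample flows: (source, destination, first client payload).
SAMPLE_CRED = base64.b64encode(b"rig01.gpu0:x").decode()
SAMPLE_FLOWS = [
    ("10.0.0.23", "203.0.113.10:8332",
     ("POST / HTTP/1.1\r\nHost: pool.example:8332\r\n"
      "Authorization: Basic " + SAMPLE_CRED + "\r\n"
      "Content-Type: application/json\r\n\r\n"
      '{"method": "getwork", "params": [], "id": 1}').encode()),
    ("10.0.0.40", "203.0.113.11:3333",
     b'{"id": 1, "method": "mining.subscribe", "params": []}\n'
     b'{"id": 2, "method": "mining.authorize", "params": ["rig02.gpu1", "x"]}\n'),
    ("10.0.0.7", "198.51.100.5:80",       # ordinary JSON API call, not mining
     b"POST /api HTTP/1.1\r\nHost: api.example\r\n\r\n"
     b'{"method": "getUser", "params": [42], "id": 7}'),
    ("10.0.0.7", "198.51.100.5:80",
     b"GET /index.html HTTP/1.1\r\nHost: www.example\r\n\r\n"),
]

if __name__ == "__main__":
    for src, hits in scan(SAMPLE_FLOWS).items():
        for hit in hits:
            print(src, "->", hit["dst"], hit["protocol"], hit["methods"], hit["worker"])
```

The worker name recovered from the credentials identifies which pool account benefits, which is the detail an incident responder needs when the mining host turns out to be a compromised machine.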
ASIC Mining
Application Specific Integrated Circuits (ASIC) have been developed for Bitcoin. Due to the customized and specific nature of ASIC technology, there is currently only ASIC for Bitcoin. ASIC mining is advertised as having exponentially more computational processing power using significantly less resources than GPU mining, such as hardware and electricity. It is hypothesized that as the popularity of ASIC accelerated hardware grows among the Bitcoin mining community, GPU miners will begin switching to Litecoin or other altcoins that are resistant to ASIC technologies. The benefits and drawbacks of this type of diversification is currently a popular subject of debate among the mining community.
Figure 1.10 displays an example of marketing material for a Bitcoin ASIC manufacturer. The marketing material compares the hardware requirements of GPU mining to ASIC mining to demonstrate superior efficiency.
Fig 1.10 - Marketing material for a Bitcoin ASIC manufacturer
Economics of Mining
It is hypothesized by miners that the price of cryptocurrencies will continue to rise due to limitations of the supply and the finite caps on availability for mining. Evolving technologies shape the profitability of mining methods on a regular basis. Generally, miners who have consistently mined Bitcoin or Litecoin long term have earned a return on hardware investment in 6 months to one year. Miners who switched to cryptocurrency mining with GPU accelerated hardware using equipment that was already owned for applications such as password hash cracking, 3D gaming, or film production had an advantage because they were already in possession of efficient mining equipment and experienced lower out of pocket investments.
The increase in difficulty and resulting increase in market price is beneficial for miners that have been harvesting and saving for long periods of time. Long term miners who have been saving their rewards will have a large reserve of cryptocoin from when difficulty rates were low and payouts were high. The resulting increases in cryptocoin market prices result in an increase in the value of the miner's overall portfolio.
Mining Profitability
Miners who get into a cryptocurrency fork after the difficulty has significantly increased, such as latecomers or “pool jumpers” (miners who constantly switch coin types based on momentary profitability), are less likely to benefit from cryptomarket fluctuations. Moreover, the miner may even suffer from the fluctuations as it will take a longer period of time for the miner to match their return on investment as they may not have an established cryptocurrency portfolio.
However, newcomers to cryptocurrency mining should not be discouraged by increasing difficulty rates. The market price of the cryptocurrency goes up as a result, and discipline and persistence of consistent mining will eventually be profitable as with any hobby of passion. Figure 1.11 displays an example of mining profitability calculations for various cryptocurrencies.
Fig 1.11 - Dustcoin.com Mining Profitability Calculator Rates (per day)
Market Caps and Network Mining Limits
Each cryptocurrency has a finite amount of coins available to be mined for the network. Bitcoin will only have 21 million coins mined, Litecoin will only have 84 million coins. At the time of writing, over eleven million Bitcoin have been mined and the market value exceeds one billion dollars USD. Figure 1.12 shows the market caps and circulating crypto coins available at the time of writing.
Fig 1.12 - Coinmarketcap.com Cryptocurrency Market Capitalization
Whitehat Mining
The majority of the cryptocurrency mining community are legitimate enthusiasts who are intrigued by a new technology and seeking to participate in an innovative project, while at the same time earning a profit for their efforts. Many early cryptocurrency miners were in possession of accelerated GPU processing hardware due to other hobbies such as 3D gaming, graphic design, or password hash analysis. As the word of mining profitability spread, speculative investors began to purchase GPU hardware specifically for the purposes of cryptocurrency mining. For some, this involved significant initial out of pocket expenses with no guarantee of return as the entire cryptocurrency concept is an experiment in economic and cryptographic principles.
Depending on the saving discipline and investment skill of the individual running the mining systems, hardware expenses can either be quickly recouped or endlessly chased. The rapid rise of Bitcoin market prices following the economic crisis in Cyprus created several millionaires of early cryptocurrency enthusiasts. The stories of several individuals who rose to rapid wealth are detailed by the Huffington Post article “Meet the Bitcoin Millionaires.” http://www.huffintonpost.co/$"*/+/""/eet#the#>itcoin# illionan*3$,@.htl
The term “Bitcoin Baron” became slang that is used to describe individuals who were early adopters of cryptocurrency and have significantly profited from involvement with Bitcoin since the project's original inception. The term can be observed as being used within the title of an underground hacking rap song known as “Bitcoin Baron,” by former black hat hacker YTCracker https://soundcloud.co/ytcracker/ytcracker#>itcoin#>aron#v"#ssl/s#tH@p,
Figures 1.13 - 1.14 show the interior and exterior of a typical professional GPU accelerated computer assembled for the purposes of cryptocurrency mining.
Fig 1.13 - GPU Mining Computer Interior (3x GPU cards, ",w power supply)
Fig 1.14 - GPU Mining Computer Exterior (3x GPU cards, ",w power supply)
Blackhat Mining
As the market price of cryptocurrencies rises, there has been an increased interest by botnet administrators in the use of their botnets for mining cryptocurrency. Several Bitcoin and Litecoin mining trojans and crimeware kits have been leaked into the public realm, which indicates that this concept has evolved beyond theory and is being put to use. Some botnet administrators are disinclined to make use of their botnets for cryptocurrency mining as it may cause a noticeable degradation in the performance of their infected bot systems.
In an interesting parallel, in the physical world, it has been reported in mainstream media that the profitability of illegal physical gold mining by rebel groups in Colombia has replaced the drug trade as the primary profit driver for rebel activities. This shift reveals a trend that transcends both the physical and online worlds, whereby organized underground groups break out of traditional revenue generation activities to participate in illegal mining of commodities during times that the commodity is most profitable. http://www.inin.co/illeal#old#inin#profits#for#re>els#in# colo>ia#five#ties#larer#than#cocaine#3<,@$/
Figures 1.15 – 1.18 reveal several Bitcoin mining trojans that have been leaked into the public realm.
Fig 1.15 - Login panel for BitBot botnet
McAfee Labs Analysis of BitBot - http://blogs.mcafee.com/mcafee-labs/delving-deeply-into-a-bitcoin-botnet
Fig 1.16 - RTMiner - Bitcoin mining trojan builder
Fig 1.17 - Chrome Miner - Bitcoin mining trojan builder
Fig 1.18 - TwMiner Builder - Bitcoin mining botnet that uses Twitter as C&C
Greyhat Mining
JavaScript Mining
There has been much discussion surrounding the emergence of JavaScript bitcoin mining scripts being placed onto websites in order to use the CPU power of the visitor to generate cryptocurrency for the individual who deployed the script. JavaScript mining is speculated by some to be profitable in the event of compromising a high traffic website, either through a persistent XSS vulnerability or another vector of access.
In reality, JavaScript bitcoin mining is currently only effective as an interesting proof of concept, and not really for making any significant profits. Visitors of websites that have Bitcoin mining scripts in place will often notice the decrease in computational performance and attribute the slowdown to the website in one way or another, causing a decrease in repeat visits. If acquisition of cryptocoin is the goal, regular affiliate advertisements (PPC/CPA) would be more effective and fiat profits could be traded for cryptocurrency. Figure 1.19 contains the source code for a common JavaScript Bitcoin miner.
Fig 1.19 - Source code for JavaScript Bitcoin Miner http://cur.lv/9dpn$
Trading Cryptocurrency
At the time of writing, exchange trading platforms such as BTC-e and Vircurex are essentially the backbones of the cryptocurrency economy. These trading platforms provide a place for miners and speculators to participate in arbitrage between various cryptocoins and fiat currencies. Figure 1.20 displays an image of BTC-e, a live cryptocurrency trading platform that allows for the exchange of Bitcoin (BTC) into altcoins (LTC/FTC/NMC/NVC/PPC/CNC/TRC) and fiat currencies (USD/EUR/RUR).
Fig 1.20 - Snapshot of Real Time Cryptocurrency Exchange Market - http://www.btc-e.com
Legitimate Economic Activity with Cryptocurrency
Cryptocurrencies have provided a way for businesses to engage in ecommerce on an international level that was previously unprecedented. Services such as PayPal have never had complete international reach for their services, as they were centralized corporations.
Merchant Processing
Due to the nature of Bitcoin being an open source peer to peer protocol, the potential for ecommerce has expanded into regions where ecommerce was previously difficult, if not impossible, due to the high risks of fraud associated with international credit card processing. Merchant processing solutions such as BitPay have emerged to provide a solution for merchants who wish to be able to convert their payments into USD and withdraw to a bank account, while maintaining compliance with government regulatory authorities. Users are able to accept and withdraw Bitcoin anonymously, but must provide appropriate identifiable documentation when converting Bitcoin into fiat currency.
Fig 1.21 - Bitpay - FINCEN compliant merchant solution for Bitcoin - http://www.bitpay.com
Gift Cards
Services such as Gyft provide a way for miners and traders to make use of their Bitcoin by purchasing gift cards for major retail stores, restaurants, hotels, and many other types of merchants. The gift cards are sold as electronic codes and are instantly redeemable on cell phones or through print outs. The Gyft corporation also takes credit cards, however they restrict credit card purchases to mobile devices that have been preauthenticated through the Google or Apple stores. The only method to purchase cards from the Gyft website is via Bitcoin. This serves as an example of an ecommerce store making use of Bitcoin as a solution to eliminate chargeback risks relating to credit card fraud.
Fig 1.22 - Gyft accepts Bitcoin for gift cards for IRL and online stores – http://www.gyft.com
Underground Economic Activity with Cryptocurrency
Political
Regional instability and civil unrest around the globe has traditionally manifested into a renewed interest in metals markets, causing a significant rise in metals prices as populations seek to hedge their wealth in gold and silver to withstand any fiat currency collapses. The conversion into hard metals has posed a problem for individuals seeking to flee turbulent areas, as sizeable amounts of physical precious metals requires smuggling in one form or another.
Individuals in countries with rapidly collapsing economies are quickly realizing that cryptocurrency does not have the same logistical limitations of precious metals when crossing a border. The fleeing monied populations from various turbulent regions (Cyprus, Brazil, Iran, Venezuela, Turkey) seem to be hedging in cryptocurrency for the short term until they are able to relocate and convert back into fiat currencies or metals.
Bitcoin might be in a current bubble due to this, and might have had a small impact on the recent deflated values of precious metals markets to the point of price correction. Bitcoin emerged as an unexpected alternative for investment diversification and the storage of wealth, and global commodities market prices responded in kind. It is also important to note that precious metals markets were inflated for a time that is longer than the concept of cryptocurrency has existed.
Criminal
Mainstream media has done a thorough job sensationalizing the use of Bitcoin and the potentials for illegal activity. The illegal activities described by mainstream media often include the mention of drug sales or illegal weapons sales, however these illegal activities are also made possible through fiat cash, which is even more anonymous than the use of cryptocurrencies such as Bitcoin. Furthermore, the availability of gift cards for large retail stores has essentially eliminated the market for illegal weapons trading, as people are now able to make completely legal weapons purchases with Bitcoin through the use of legitimate federally licensed firearms vendors.
Due to the recent shutdown of centralized e-currency Liberty Reserve, many digital crime groups have moved to Perfect Money and Bitcoin as an alternative to store their ill gotten gains. Perfect Money is a centralized e-currency solution similar to Liberty Reserve. Traditionally, malicious actors have been apprehensive about adopting Bitcoin due to the market volatility making it risky for long term storage of finances. However, Bitcoin has gained some resistant traction out of necessity after it became apparent that governments are able to decapitate centralized e-currency issuers even when the currency issuer exists beyond jurisdictional borders, such as with Liberty Reserve.
The adoption of Bitcoin by malicious actors will end up as both an asset and a liability to the criminal underworld. If used improperly, the anonymity that is assumed by the user can be made nonexistent. The public blockchain ensures that every transaction on the Bitcoin network is visible and documented. As a result, if an individual ever correlates a Bitcoin payment address to identifiable information, that payment and possession of the cryptocoin can be successfully attributed to an individual. Unskilled criminals who do not fully understand the technology will end up being burned by improper use of anonymization features, while more sophisticated criminals will use the properties of anonymity to their advantage, while still bearing the risk of market fluctuations.
Common Attacks against Cryptocurrency
As with any organized criminal, the target will be the location of money. In the case of cryptocurrencies, the locations of value are in the form of mining pool servers, trading platforms, third party wallet services, and end user computers. Over the short history of cryptocurrency, each value location has experienced multiple forms of attack that resulted in the direct theft of coins.
Data Breaches of Mining Pools/Trading Platforms/Third Party Wallet Storage
Many cryptocurrency web applications are often based on experimental concepts that may have undisclosed vulnerabilities. Furthermore, many also rely on the end user to set a secure password. As with any security control, it is only as strong as its weakest link. Malicious actors have been known to attack web applications that manage cryptocurrency wallets, as well as attack users who have reused breached passwords and/or experienced compromised email accounts and password resets.
Major mining pools and exchanges have implemented PIN solutions, two factor authentication, and CAPTCHAs to prevent such activity. However many smaller mining pools are still experiencing the growing pains associated with the implementation of new technologies, such as APIs, and are victim to pool heists. As ecommerce merchants start accepting Bitcoin, they will also be targets of such attacks and should prepare through proper web application vulnerability analysis and end user education.
Fig 1.23 – BitcoinTalk.org Forum Discussion of Breached Exchanges
Fig 1.24 - BTC-e warns users to change passwords after Vircurex breach
Attacks Against the End User
Client Side Attacks - Since Bitcoin and other cryptocurrency resides in the wallet.dat file, a goal of malicious actors in a cryptocurrency attack campaign is the exfiltration of that file. This can be achieved through physical access, but is most often attributed to malware.
Both whitehat and blackhat tools exist for the theft of Bitcoin wallets. Figure 1.25 shows an image of a post exploitation plugin for the Metasploit attack framework that steals wallet.dat files from compromised machines. The tool was developed and released by hacker iLLwiLL of the hacking group iLLmoB. The Bitcoin wallet stealer Metasploit post exploitation module was released shortly after Bitcoin's first surge of popularity in 2011.
Fig 1.25 - Bitcoin wallet stealer for Metasploit by iLLwiLL http://www.metasploit.com/modules/post/windows/gather/bitcoin_jacker
Figure 1.26 reveals a snippet of source code from Pastebin that makes use of the FTP protocol for
Fig 1.26 - Source code of a Bitcoin wallet stealer that uses FTP http :// cur.lv/9dpe#
More recently, additional wallet.dat theft tools for various cryptocurrencies have been leaked and circulated, as indicated in Figure 1.27. Most of the tools appear to be written for use with wallet stealing tool
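Since every tool above goes after the same file in the same default locations, an end user or administrator can check how exposed a wallet.dat is before malware does. This audit is an added example, not code from the paper: the directory list reflects the Bitcoin and Litecoin clients' usual defaults, and the passphrase check is a byte-pattern heuristic over the wallet's record type strings (`key`, `mkey`, `ckey`), assumed here rather than taken from the paper.

```python
import os
import stat

# Usual default data directories of the Bitcoin and Litecoin clients,
# relative to the user's home directory (Linux, macOS, Windows).
DEFAULT_DATADIRS = [
    ".bitcoin",
    ".litecoin",
    os.path.join("Library", "Application Support", "Bitcoin"),
    os.path.join("Library", "Application Support", "Litecoin"),
    os.path.join("AppData", "Roaming", "Bitcoin"),
    os.path.join("AppData", "Roaming", "Litecoin"),
]

# Length-prefixed record type strings as stored in the wallet database.
PLAIN_KEY = b"\x03key"     # private key record stored without encryption
MASTER_KEY = b"\x04mkey"   # master key record, written once a passphrase is set
CRYPTED_KEY = b"\x04ckey"  # private key record encrypted under the master key


def find_wallets(home):
    """Return every wallet.dat found in a default data directory under home."""
    found = []
    for rel in DEFAULT_DATADIRS:
        candidate = os.path.join(home, rel, "wallet.dat")
        if os.path.isfile(candidate):
            found.append(candidate)
    return found


def audit_wallet(path):
    """Report whether a wallet file is passphrase protected and who can read it."""
    info = os.stat(path)
    with open(path, "rb") as handle:
        data = handle.read()
    # Heuristic: an encrypted wallet carries mkey/ckey records and no plain key.
    encrypted = (MASTER_KEY in data and CRYPTED_KEY in data
                 and PLAIN_KEY not in data)
    others_can_read = bool(info.st_mode & (stat.S_IRGRP | stat.S_IROTH))
    findings = []
    if not encrypted:
        findings.append("private keys are stored without a wallet passphrase")
    if others_can_read:
        findings.append("file is readable by other local accounts (mode %o)"
                        % stat.S_IMODE(info.st_mode))
    return {"path": path, "size": info.st_size, "encrypted": encrypted,
            "others_can_read": others_can_read, "findings": findings}


if __name__ == "__main__":
    for wallet in find_wallets(os.path.expanduser("~")):
        report = audit_wallet(wallet)
        status = "; ".join(report["findings"]) or "no findings"
        print("%s: %s" % (report["path"], status))
```

A passphrase does not stop the file from being copied, but it means a stolen wallet.dat is not immediately spendable, and an offline backup covers the case where the file is deleted or lost.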
Physical robbery - The first documented incident of a physical robbery during an in person exchange took place on the Bitcointalk.org forums. The robbery incident is documented in Figure 1.28, and is translated into English from German in Figure 1.29. Figure 1.30 documents cryptocurrency media coverage of the incident.
Fig 1.28 - Screenshot of victim claim of physical robbery [German] - https://>itcointalk.or/inde-.php?topic$$@@,*.s$++"";Ps$++"";
Fig 1.29 - Translated text of robbery claim [German to English via Google Translate]
Hello, I have been thinking a long time ago if I'll let you know what happened. I come to the conclusion that I now post it publicly. Yesterday I had a meeting with a member of Bitcointalk ( https://bitcointalk.org/index.php?topic=229450.0 ), it is out of the conversation is a deal been reached, with the proposed € 75 per Bitcoin, as the price was at around the € 78-80, I was ready for a Public Meeting resolved. BTC 60 against 4.5 Cash. arrived on time, a foreign person was made at the meeting point of a normal impression. He wanted to see the money, which I showed him. now he had suggested we go to his car, and he from his laptop to me the BTC sends and I give him the money. Naive as I am, I went with him. There were about 10 min walk, where I then asked where the car is now, he said, we're almost there. found a heavy blow, no, I thought. There were two people who have followed us, which I really was not've taken. From then on, I only punches and kicks get in until I no longer resisted. then I was taken off my clock, cash, smartphone.
then you have let go of me where you had what you wanted, and > was still cheerful a"out my. The whole is certainly interest you Humanly not "ut the coins. > have a "lock chain mail address created for itcoins, so that if the seller of 6) itcoins comes too late, "ecause he can not find address or whatever. , > can pay for the order directly on my phone, so the payment is received "efore 96 clock and the purchase has "een completed and > do not have to drive extra home. , the pro"lem is a"out the whole thing, that the "lock chain side was opened in +afari, in addition, the account data was stored in my notes. > mean who expects to pass the stuff middle of the day. using pain plagued homecoming towards that process events . home came violently to ponder whether itcoins are still on our wallet. now > went to an internet cafe to see if the itcoins are still there. then a relief they are still there. direct in my email logged account, "lock chain 2mail open and found, that there is only the link to the wallet, "ut not the randomgenerated 95digit password. now on the "lock chain side, looking for a solution to come into our wallet. since > had at the time the password that never goes to the "lock chain server, > thought now youLve really fucked up. 2verything clicked through, had no success. now > have seen opportunities over 9 hour for possi"le password and deli"erate. since all this did not help, >Lve "een thinking how the whole confession, these are the "itcoins in a wallet where > no longer ran come. &gain open the "lock chain mail address, > reali$ed that was made a "ank transfer, you can send me "elieve my heart has never "een so fast tapped as the time. > would like to not display as scammers, as this not at all fit my personality, let then > can sleep peacefully. Hektek > have no written pushy, send to instantly itcoins. 
itdaniel that you accuse me as a scammer, is really the hammer, think a"out the chat history of entertainment after > had received from (weiK easily the 5) T within minutes. Jou know (weiK > would have done like pro"lems to, as he has done to you. esides, > have you can ask for more T have "een wanting to complete the purchase. ?espectively like you wanted to "uy the whole 'upiter alone , which > declined since even users are entered. +owas would not make an scammers to or itcoins to get M7?2 money. > can you ever say so much > want to "e no longer part of the community. never "ut never > had in a itcoin %orum expects that such riminal pack hangs out yourself. +olving the pro"lem would "e in my eyes, > will refund a reminder to you as involved 3name and address > needed4 and hope that the perpetrators can "e prosecuted criminally .
Fig 1.30 - Screenshot of cryptocommunity media coverage of robbery - http://cur.lv/9dphP
Government Seizure as Contraband
The first documented seizure of Bitcoin took place in June 2013. The United States Drug Enforcement Administration (DEA) seized approximately 11 Bitcoins from a suspect that was accused of illegal activities using an underground ecommerce marketplace. http://techcrunch.com/2013/06/27/the-dea-seized-bitcoins-in-a-silk-road-drug-raid/
The seizure and the physical robbery indicate that cryptocurrencies have solidified themselves as a valuable commodity to both common thieves and law enforcement agencies, demonstrating that Bitcoin and the cryptocurrency concept have longevity and will continue to gain traction with the general population.
Limits of Cryptocurrency
Like any emerging technology, cryptocurrency still has a way to go before it is refined and perfected as a commodity suitable for daily commercial use by the average person.
Blockchain Size
A large public blockchain makes for slow setup of Bitcoin wallets and requires large storage space. As of the time of writing, the Bitcoin blockchain is over 8GB in size. This blockchain size can be problematic with mobile devices, and as the blockchain grows, 3rd party storage solutions may become the only option. Reliance on a third party storage solution would defeat the purpose of being in control of the commodity, and would subject users to the regulations and terms of service of the solution provider.
Privacy
The public blockchain of cryptocurrencies documents the payment address, IP address, and all incoming/outgoing transactions to that address. If anonymity practices are not followed, such as the use of a VPN or the Tor network, then the transaction is attributable in a way that is more public and verifiable than a credit card or cash. This attribution is made even easier if at some point in time the end user has documented their real name along with a Bitcoin payment address.
Technical Barriers
It's hard enough helping the average person navigate simple IT issues. In addition to standard computer navigation, the end user has to understand the concepts of public key / private key encryption, peer to peer protocols, mining share submissions, blockchains, and market fluctuations due to supply/demand commodity trading economics. Only once those concepts are clear to the end user will they feel totally confident buying and selling on the internet using cryptocurrency.
Government Regulations
US government regulations and Financial Crimes Enforcement Network (FinCEN) requirements are making the widespread adoption of Bitcoin and cryptocurrencies difficult. As of March 2012, FinCEN regulations were amended to redefine a "stored value monetary instrument" to include virtual currencies such as Bitcoin. This reclassification of stored value monetary instruments made it a requirement for any business engaged in the activity of exchanging Bitcoin to US fiat currency to register as a money transfer business, and be subject to the regulatory requirements thereof. Many US based exchangers and merchant service providers are making strides in meeting and maintaining regulatory compliance standards. The desire to meet the requirements of government regulation and compliance is rarely seen within the cryptoanarchist community. However, since Bitcoin has evolved beyond an agorist experiment into a global commodity, many legitimate businesses now seek that compliance in order to make use of the benefits of an emerging technology.
Conclusion
Interest in Bitcoin and other cryptocurrencies will continue to grow. As the mining difficulty rates rise, the value of individual coins will increase. Litecoin will be an interesting cryptocommodity to continue to watch, as the market price has not yet matched the market cap spread. It is possible to see a significant increase in the value of Litecoin in the near future, or perhaps the rise to prominence of another altcoin that is based on an alternative encryption algorithm. Government regulations will continue to stifle and stonewall the growth of Bitcoin and cryptocurrencies within the United States, but the technology will continue to grow in popularity on an international level. The current government attacks against cryptocurrency can be interpreted as similar to the government actions against mp3 technology, or the ongoing assault against .torrent technologies. In the end, the technology will prevail if it is adopted by enough people and the government actions will be interpreted as futile and oppressive.
Resources
Bitcoin Vocabulary - Official Bitcoin Vocabulary - http://bitcoin.org/en/vocabulary
Bitcoin.org - Official Bitcoin - bitcoin.org
Bitcoin Wiki - Official Bitcoin - bitcoin.it
Litecoin.org - Official Litecoin
bitcointalk.org
CoinURL - Bitcoin based ad service - http://www.coinurl.com/index.php?ref=hackmiami
Dustcoin.com - Mining profitability calculator - http://www.dustcoin.com
Coincharts.com - Cryptocurrency market prices - http://www.coincharts.com
Coinmarketcap.com - Cryptocurrency market caps - http://www.coinmarketcap.com
Blockchain.info - Public record of BTC blockchain - http://www.blockchain.info
Glossary
Altcoin - Alternative cryptocurrency such as Litecoin, Terracoin, PPCoin, or Boin
Bitcoin - Original cryptocurrency that emerged in 2009, considered gold standard of cryptocurrency.
Bitcoin Baron - Individual who has significantly profited from Bitcoin due to early participation.
Blockchain - Public transaction record of cryptocurrency
Confirmation - Transaction on the cryptocurrency network
Cryptocurrency - File exchange based on decentralized p2p protocol. Value based on supply/demand.