Christian Karam, a Cyber Threat Researcher at the Research & Innovation Sub-Directorate (R&I) at INTERPOL, says that Bitcoin’s Blockchain could also be a safe haven for malware and child abuse. He presented his views at the Black Hat Asia conference wherein he showed his concern about the state of affairs.
He is of the view that Blockchain technology, the public ledger of all Bitcoin transactions, could be abused to store malware control mechanisms or provide access to illicit content such as child abuse images that would be extremely difficult to take down. Given his wide experience in the security analysis segment, the suggestions are valuable.
Karam develops the activities in the fields of global cyber threat research, future trends analysis, cyber intelligence analysis and R&D within the INTERPOL Global Complex for Innovation (IGCI). Nonetheless, Bitcoin may have all kinds of good uses outside of providing stability for the world’s most popular cryptocurrency; it can also be put to malicious use.
Currently, Christian Karam works for INTERPOL; however, he was not with the organization always as he was an independent security researcher, penetration tester, and security consultant for multiple firms in the private sector, earlier. Nonetheless, his subject of expertise falls under different fields: cryptography, darknets, future trends and cryptocurrencies.
As he is a Certified Ethical Hacker, Certified Hacking Forensic Investigator, Licensed Penetration Tester, CISSP, and holds degrees in Information Security Engineering, Cybersecurity, etc. as well as pursuing advanced research in the areas of trend analysis and threat models, currently, he has got a lot of industry experience to come with such a view.
Security is going to be a Major Concern for the Stakeholders
On the other hand, Gavin Andreson, chief scientist at the Bitcoin Foundation, said using C&C (botnet command and control) mechanism for sending commands to malware running on the Bitcoin network would be “very expensive” due to the transaction fees hackers would have to pay.
He further explained that botnet operators don’t want there to be any permanent record of their crimes. According to him the risk to them is that their command server gets seized, and then they are prosecuted for everything it ever did. Also, he recommends that it is much better if the commands are impermanent.
Adding further he says that using the Bitcoin peer-to-peer network (instead of the Blockchain) makes a lot more sense; however, he is of the view that there are much larger peer-to-peer networks where botnet activity is easier to hide, so even then it is unlikely any botnet operator would choose to piggyback on the Bitcoin network.
To contact the reporter of this story: Deepak Tiwari at firstname.lastname@example.org