tokeweed (OP)
Legendary
Offline
Activity: 4130
Merit: 1461
Life, Love and Laughter...
|
|
April 11, 2015, 03:06:38 PM |
|
Kaspersky Labs and INTERPOL have presented research in which they show how blockchain-based cryptocurrencies can potentially be abused with arbitrary data that can be disseminated through its public decentralized databases.
These two entities addressed the issue at the BlackHat Asia conference in Singapore. They successfully demonstrated how arbitrary data can be injected into a digital currency decentralized database simply by using an exploit code that opens a notepad enabling corrupted data to be inserted into the Blockchain.
Not long ago, Kaspersky Lab’s signed an agreement and a memorandum of understanding with INTERPOL and Europol in order to expand cooperation in a joint fight against cyber crime. In addition, the company has also organized a series of training sessions for INTERPOL staff to give them some knowledge about malware analysis, digital forensics, and financial threat research.
A Kaspersky researcher named Vitaly Kamluk explains:
“Blockchainware, short for blockchain-based software, stores some of its executable code in the decentralized databases of cryptocurrency transactions. It is based on the idea of establishing a connection to the P2P networks of cryptocurrency enthusiasts, fetching information from transaction records and running it as a code. Depending on the payload fetched from the network, it can be either benign or malicious.”
Vitaly also stresses that before digital currency can be widely accepted, we need to understand the full potential of the threats it faces. The Bitcoin community seems to agree with Vitaly, as security is a healthy industry seeing remarkable growth in the cryptocurrency ecosystem.
A report from Juniper projects that the number of active Bitcoin users worldwide will reach 4.7 million by the end of 2019, up from just over 1.3 million last year. The company expects usage to continue to be dominated by exchange trading, with retail adoption largely restricted to relatively niche demographics. This is surely good news for the virtual currency industry, and it means that the potential of the technology has already been recognized.
The importance of cryptocurrencies on e-commerce and other online financial activities has been growing at an astonishing rate, and concerns over security are growing. Security issues will likely always be present in the Bitcoin world, and users will have to rely on cybersecurity firms to constantly innovate and provide solutions.
http://insidebitcoins.com/news/kaspersky-and-interpol-say-blockchain-is-vulnerable/31578
|
|
|
|
R |
▀▀▀▀▀▀▀██████▄▄ ████████████████ ▀▀▀▀█████▀▀▀█████ ████████▌███▐████ ▄▄▄▄█████▄▄▄█████ ████████████████ ▄▄▄▄▄▄▄██████▀▀ | LLBIT | | | 4,000+ GAMES███████████████████ ██████████▀▄▀▀▀████ ████████▀▄▀██░░░███ ██████▀▄███▄▀█▄▄▄██ ███▀▀▀▀▀▀█▀▀▀▀▀▀███ ██░░░░░░░░█░░░░░░██ ██▄░░░░░░░█░░░░░▄██ ███▄░░░░▄█▄▄▄▄▄████ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ | █████████ ▀████████ ░░▀██████ ░░░░▀████ ░░░░░░███ ▄░░░░░███ ▀█▄▄▄████ ░░▀▀█████ ▀▀▀▀▀▀▀▀▀ | █████████ ░░░▀▀████ ██▄▄▀░███ █░░█▄░░██ ░████▀▀██ █░░█▀░░██ ██▀▀▄░███ ░░░▄▄████ ▀▀▀▀▀▀▀▀▀ |
| | | | | | .
| | | ▄▄████▄▄ ▀█▀▄▀▀▄▀█▀ ▄▄░░▄█░██░█▄░░▄▄ ▄▄█░▄▀█░▀█▄▄█▀░█▀▄░█▄▄ ▀▄█░███▄█▄▄█▄███░█▄▀ ▀▀█░░░▄▄▄▄░░░█▀▀ █░░██████░░█ █░░░░▀▀░░░░█ █▀▄▀▄▀▄▀▄▀▄█ ▄░█████▀▀█████░▄ ▄███████░██░███████▄ ▀▀██████▄▄██████▀▀ ▀▀████████▀▀ | . ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ ░▀▄░▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄░▄▀ ███▀▄▀█████████████████▀▄▀ █████▀▄░▄▄▄▄▄███░▄▄▄▄▄▄▀ ███████▀▄▀██████░█▄▄▄▄▄▄▄▄ █████████▀▄▄░███▄▄▄▄▄▄░▄▀ ████████████░███████▀▄▀ ████████████░██▀▄▄▄▄▀ ████████████░▀▄▀ ████████████▄▀ ███████████▀ | ▄▄███████▄▄ ▄████▀▀▀▀▀▀▀████▄ ▄███▀▄▄███████▄▄▀███▄ ▄██▀▄█▀▀▀█████▀▀▀█▄▀██▄ ▄██▀▄███░░░▀████░███▄▀██▄ ███░████░░░░░▀██░████░███ ███░████░█▄░░░░▀░████░███ ███░████░███▄░░░░████░███ ▀██▄▀███░█████▄░░███▀▄██▀ ▀██▄▀█▄▄▄██████▄██▀▄██▀ ▀███▄▀▀███████▀▀▄███▀ ▀████▄▄▄▄▄▄▄████▀ ▀▀███████▀▀ | | OFFICIAL PARTNERSHIP SOUTHAMPTON FC FAZE CLAN SSC NAPOLI |
|
|
|
Jeremycoin
Legendary
Offline
Activity: 1022
Merit: 1003
𝓗𝓞𝓓𝓛
|
|
April 11, 2015, 03:19:52 PM |
|
BTCitcoin is in danger, we must safe it. Whatever they said, I'll still trust the BTCitcoin
|
faucet used to be profitable
|
|
|
fryarminer
|
|
April 11, 2015, 03:22:53 PM |
|
Oh no!!! Bitcoin is in danger!! Hodl your coins so you don't lose them!
|
|
|
|
LiteCoinGuy
Legendary
Offline
Activity: 1148
Merit: 1014
In Satoshi I Trust
|
|
April 11, 2015, 03:35:23 PM |
|
thank god i own only Litecoin
|
|
|
|
GTO911
|
|
April 11, 2015, 03:51:07 PM |
|
thank god i own only Litecoin I really pity you, why wont you just cut the losses and enter some other position?
|
|
|
|
oblivi
|
|
April 11, 2015, 03:53:20 PM |
|
Sounds like not really found based scaremongering for Kaspersky and friends to start selling us "Crypto-antiviruses" of some sort.
|
|
|
|
Amph
Legendary
Offline
Activity: 3248
Merit: 1070
|
|
April 11, 2015, 03:56:48 PM Last edit: April 11, 2015, 06:57:05 PM by Amph |
|
they are trying too hard to kill bitcoin price with all those troll news, despite all the 230 mark is still holding strong
they should at least back up their claim, why they don't try to abuse the blockchain then?
|
|
|
|
tokeweed (OP)
Legendary
Offline
Activity: 4130
Merit: 1461
Life, Love and Laughter...
|
|
April 11, 2015, 04:00:37 PM |
|
they are trying to hard to kill bitcoin price with all those troll news, despite all the 230 mark is still holding strong
they should at least back up their claim, why they don't try to abuse the blockchain then?
This. Either that, or insiders know something that's why they are selling.
|
|
|
|
R |
▀▀▀▀▀▀▀██████▄▄ ████████████████ ▀▀▀▀█████▀▀▀█████ ████████▌███▐████ ▄▄▄▄█████▄▄▄█████ ████████████████ ▄▄▄▄▄▄▄██████▀▀ | LLBIT | | | 4,000+ GAMES███████████████████ ██████████▀▄▀▀▀████ ████████▀▄▀██░░░███ ██████▀▄███▄▀█▄▄▄██ ███▀▀▀▀▀▀█▀▀▀▀▀▀███ ██░░░░░░░░█░░░░░░██ ██▄░░░░░░░█░░░░░▄██ ███▄░░░░▄█▄▄▄▄▄████ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ | █████████ ▀████████ ░░▀██████ ░░░░▀████ ░░░░░░███ ▄░░░░░███ ▀█▄▄▄████ ░░▀▀█████ ▀▀▀▀▀▀▀▀▀ | █████████ ░░░▀▀████ ██▄▄▀░███ █░░█▄░░██ ░████▀▀██ █░░█▀░░██ ██▀▀▄░███ ░░░▄▄████ ▀▀▀▀▀▀▀▀▀ |
| | | | | | .
| | | ▄▄████▄▄ ▀█▀▄▀▀▄▀█▀ ▄▄░░▄█░██░█▄░░▄▄ ▄▄█░▄▀█░▀█▄▄█▀░█▀▄░█▄▄ ▀▄█░███▄█▄▄█▄███░█▄▀ ▀▀█░░░▄▄▄▄░░░█▀▀ █░░██████░░█ █░░░░▀▀░░░░█ █▀▄▀▄▀▄▀▄▀▄█ ▄░█████▀▀█████░▄ ▄███████░██░███████▄ ▀▀██████▄▄██████▀▀ ▀▀████████▀▀ | . ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ ░▀▄░▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄░▄▀ ███▀▄▀█████████████████▀▄▀ █████▀▄░▄▄▄▄▄███░▄▄▄▄▄▄▀ ███████▀▄▀██████░█▄▄▄▄▄▄▄▄ █████████▀▄▄░███▄▄▄▄▄▄░▄▀ ████████████░███████▀▄▀ ████████████░██▀▄▄▄▄▀ ████████████░▀▄▀ ████████████▄▀ ███████████▀ | ▄▄███████▄▄ ▄████▀▀▀▀▀▀▀████▄ ▄███▀▄▄███████▄▄▀███▄ ▄██▀▄█▀▀▀█████▀▀▀█▄▀██▄ ▄██▀▄███░░░▀████░███▄▀██▄ ███░████░░░░░▀██░████░███ ███░████░█▄░░░░▀░████░███ ███░████░███▄░░░░████░███ ▀██▄▀███░█████▄░░███▀▄██▀ ▀██▄▀█▄▄▄██████▄██▀▄██▀ ▀███▄▀▀███████▀▀▄███▀ ▀████▄▄▄▄▄▄▄████▀ ▀▀███████▀▀ | | OFFICIAL PARTNERSHIP SOUTHAMPTON FC FAZE CLAN SSC NAPOLI |
|
|
|
maku
Legendary
Offline
Activity: 1288
Merit: 1000
|
|
April 11, 2015, 04:20:06 PM |
|
thank god i own only Litecoin I really pity you, why wont you just cut the losses and enter some other position? They said that every blockchain based cryptocurrency is in danger? Does your Litecoins are not based on blockchain technology? Everything is lost. No matter which cryptocurrency you own.
|
|
|
|
Lauda
Legendary
Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
April 11, 2015, 04:25:22 PM |
|
So where is this "presented research"? How about someone from our side takes a look at it. I trust Interpol as much as I trust the FBI.
|
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion)
|
|
|
Denker
Legendary
Offline
Activity: 1442
Merit: 1016
|
|
April 11, 2015, 04:26:32 PM |
|
they are trying to hard to kill bitcoin price with all those troll news, despite all the 230 mark is still holding strong
they should at least back up their claim, why they don't try to abuse the blockchain then?
Exactly. As long as they don't show any proof and devs from the community can counter check that news is just bullshit!
|
|
|
|
odolvlobo
Legendary
Offline
Activity: 4494
Merit: 3400
|
|
April 11, 2015, 04:26:47 PM |
|
The article isn't clear. Is it saying that people can put arbitrary data into the block chain, or is it saying that somebody can corrupt my copy of the block chain? I don't see how either of those makes Bitcoin vulnerable, since the first is a feature and the second affects only me.
|
Join an anti-signature campaign: Click ignore on the members of signature campaigns. PGP Fingerprint: 6B6BC26599EC24EF7E29A405EAF050539D0B2925 Signing address: 13GAVJo8YaAuenj6keiEykwxWUZ7jMoSLt
|
|
|
redsn0w
Legendary
Offline
Activity: 1778
Merit: 1043
#Free market
|
|
April 11, 2015, 04:30:27 PM |
|
So where is this "presented research"?
This, where is the research? They cannot say "blockchain is vulnerable" without give a full report and various example of that attack. How about someone from our side takes a look at it. I trust Interpol as much as I trust the FBI.
I trust my cat more than FBI + Interpol .
|
|
|
|
Q7
|
|
April 11, 2015, 04:34:06 PM |
|
The article isn't clear. Is it saying that people can put arbitrary data into the block chain, or is it saying that somebody can corrupt my copy of the block chain? I don't see how either of those makes Bitcoin vulnerable, since the first is a feature and the second affects only me.
That is what I'm trying to find out as well. If it does, it means there are vulnerabilities that can be exploited affecting the blockchain but I'm just wondering how is it possible that nobody has seen it yet until recently.
|
|
|
|
tokeweed (OP)
Legendary
Offline
Activity: 4130
Merit: 1461
Life, Love and Laughter...
|
|
April 11, 2015, 04:41:16 PM |
|
The article isn't clear. Is it saying that people can put arbitrary data into the block chain, or is it saying that somebody can corrupt my copy of the block chain? I don't see how either of those makes Bitcoin vulnerable, since the first is a feature and the second affects only me.
That is what I'm trying to find out as well. If it does, it means there are vulnerabilities that can be exploited affecting the blockchain but I'm just wondering how is it possible that nobody has seen it yet until recently.Someone out there must want BTC to go down... Maybe trying to pull off the ultimate FUD?
|
|
|
|
R |
▀▀▀▀▀▀▀██████▄▄ ████████████████ ▀▀▀▀█████▀▀▀█████ ████████▌███▐████ ▄▄▄▄█████▄▄▄█████ ████████████████ ▄▄▄▄▄▄▄██████▀▀ | LLBIT | | | 4,000+ GAMES███████████████████ ██████████▀▄▀▀▀████ ████████▀▄▀██░░░███ ██████▀▄███▄▀█▄▄▄██ ███▀▀▀▀▀▀█▀▀▀▀▀▀███ ██░░░░░░░░█░░░░░░██ ██▄░░░░░░░█░░░░░▄██ ███▄░░░░▄█▄▄▄▄▄████ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ | █████████ ▀████████ ░░▀██████ ░░░░▀████ ░░░░░░███ ▄░░░░░███ ▀█▄▄▄████ ░░▀▀█████ ▀▀▀▀▀▀▀▀▀ | █████████ ░░░▀▀████ ██▄▄▀░███ █░░█▄░░██ ░████▀▀██ █░░█▀░░██ ██▀▀▄░███ ░░░▄▄████ ▀▀▀▀▀▀▀▀▀ |
| | | | | | .
| | | ▄▄████▄▄ ▀█▀▄▀▀▄▀█▀ ▄▄░░▄█░██░█▄░░▄▄ ▄▄█░▄▀█░▀█▄▄█▀░█▀▄░█▄▄ ▀▄█░███▄█▄▄█▄███░█▄▀ ▀▀█░░░▄▄▄▄░░░█▀▀ █░░██████░░█ █░░░░▀▀░░░░█ █▀▄▀▄▀▄▀▄▀▄█ ▄░█████▀▀█████░▄ ▄███████░██░███████▄ ▀▀██████▄▄██████▀▀ ▀▀████████▀▀ | . ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ ░▀▄░▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄░▄▀ ███▀▄▀█████████████████▀▄▀ █████▀▄░▄▄▄▄▄███░▄▄▄▄▄▄▀ ███████▀▄▀██████░█▄▄▄▄▄▄▄▄ █████████▀▄▄░███▄▄▄▄▄▄░▄▀ ████████████░███████▀▄▀ ████████████░██▀▄▄▄▄▀ ████████████░▀▄▀ ████████████▄▀ ███████████▀ | ▄▄███████▄▄ ▄████▀▀▀▀▀▀▀████▄ ▄███▀▄▄███████▄▄▀███▄ ▄██▀▄█▀▀▀█████▀▀▀█▄▀██▄ ▄██▀▄███░░░▀████░███▄▀██▄ ███░████░░░░░▀██░████░███ ███░████░█▄░░░░▀░████░███ ███░████░███▄░░░░████░███ ▀██▄▀███░█████▄░░███▀▄██▀ ▀██▄▀█▄▄▄██████▄██▀▄██▀ ▀███▄▀▀███████▀▀▄███▀ ▀████▄▄▄▄▄▄▄████▀ ▀▀███████▀▀ | | OFFICIAL PARTNERSHIP SOUTHAMPTON FC FAZE CLAN SSC NAPOLI |
|
|
|
abyrnes81
|
|
April 11, 2015, 04:56:20 PM |
|
The article isn't clear. Is it saying that people can put arbitrary data into the block chain, or is it saying that somebody can corrupt my copy of the block chain? I don't see how either of those makes Bitcoin vulnerable, since the first is a feature and the second affects only me.
That is what I'm trying to find out as well. If it does, it means there are vulnerabilities that can be exploited affecting the blockchain but I'm just wondering how is it possible that nobody has seen it yet until recently. Because there aren't bug in the bitcoin code ( and the ledger aka blockchain) here a good report (for good usage) of the bitcoin blockchain : http://www.righto.com/2014/02/ascii-bernanke-wikileaks-photographs.html
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
|
|
April 11, 2015, 05:12:03 PM |
|
I am calling FUD as sure you can embed arbitrary data in the blockchain but "so what"?
You can embed arbitrary data in .jpg's (steganography) - does that make it dangerous to view a .jpg (or more relevant to the OP to even store it on your computer)?
Unless they are talking about a bug in Bitcoin Script (which clearly they are not) then it really is just FUD (and Kaspersky have lost all credibility in my view with this).
|
|
|
|
tokeweed (OP)
Legendary
Offline
Activity: 4130
Merit: 1461
Life, Love and Laughter...
|
|
April 11, 2015, 05:14:32 PM |
|
I am calling FUD as sure you can embed arbitrary data in the blockchain but "so what"?
You can embed arbitrary data in .jpg's (steganography) - does that make it dangerous to view a .jpg (or more relevant to this topic even to store it on your computer)?
Exactly. But this info is comng from Kaspersky and the Interpol... Someone out there is trying to pull off the ultimate Bitcoin FUD. And this is a good time to attack Bitcoin... While the climate is bearish.
|
|
|
|
R |
▀▀▀▀▀▀▀██████▄▄ ████████████████ ▀▀▀▀█████▀▀▀█████ ████████▌███▐████ ▄▄▄▄█████▄▄▄█████ ████████████████ ▄▄▄▄▄▄▄██████▀▀ | LLBIT | | | 4,000+ GAMES███████████████████ ██████████▀▄▀▀▀████ ████████▀▄▀██░░░███ ██████▀▄███▄▀█▄▄▄██ ███▀▀▀▀▀▀█▀▀▀▀▀▀███ ██░░░░░░░░█░░░░░░██ ██▄░░░░░░░█░░░░░▄██ ███▄░░░░▄█▄▄▄▄▄████ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ | █████████ ▀████████ ░░▀██████ ░░░░▀████ ░░░░░░███ ▄░░░░░███ ▀█▄▄▄████ ░░▀▀█████ ▀▀▀▀▀▀▀▀▀ | █████████ ░░░▀▀████ ██▄▄▀░███ █░░█▄░░██ ░████▀▀██ █░░█▀░░██ ██▀▀▄░███ ░░░▄▄████ ▀▀▀▀▀▀▀▀▀ |
| | | | | | .
| | | ▄▄████▄▄ ▀█▀▄▀▀▄▀█▀ ▄▄░░▄█░██░█▄░░▄▄ ▄▄█░▄▀█░▀█▄▄█▀░█▀▄░█▄▄ ▀▄█░███▄█▄▄█▄███░█▄▀ ▀▀█░░░▄▄▄▄░░░█▀▀ █░░██████░░█ █░░░░▀▀░░░░█ █▀▄▀▄▀▄▀▄▀▄█ ▄░█████▀▀█████░▄ ▄███████░██░███████▄ ▀▀██████▄▄██████▀▀ ▀▀████████▀▀ | . ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ ░▀▄░▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄░▄▀ ███▀▄▀█████████████████▀▄▀ █████▀▄░▄▄▄▄▄███░▄▄▄▄▄▄▀ ███████▀▄▀██████░█▄▄▄▄▄▄▄▄ █████████▀▄▄░███▄▄▄▄▄▄░▄▀ ████████████░███████▀▄▀ ████████████░██▀▄▄▄▄▀ ████████████░▀▄▀ ████████████▄▀ ███████████▀ | ▄▄███████▄▄ ▄████▀▀▀▀▀▀▀████▄ ▄███▀▄▄███████▄▄▀███▄ ▄██▀▄█▀▀▀█████▀▀▀█▄▀██▄ ▄██▀▄███░░░▀████░███▄▀██▄ ███░████░░░░░▀██░████░███ ███░████░█▄░░░░▀░████░███ ███░████░███▄░░░░████░███ ▀██▄▀███░█████▄░░███▀▄██▀ ▀██▄▀█▄▄▄██████▄██▀▄██▀ ▀███▄▀▀███████▀▀▄███▀ ▀████▄▄▄▄▄▄▄████▀ ▀▀███████▀▀ | | OFFICIAL PARTNERSHIP SOUTHAMPTON FC FAZE CLAN SSC NAPOLI |
|
|
|
AGD
Legendary
Offline
Activity: 2070
Merit: 1164
Keeper of the Private Key
|
|
April 11, 2015, 06:49:26 PM |
|
simply by using an exploit code that opens a notepad enabling corrupted data to be inserted into the Blockchain Wow! My notepad can do things like that?
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
|
|
April 11, 2015, 06:55:23 PM |
|
It is based on the idea of establishing a connection to the P2P networks of cryptocurrency enthusiasts, fetching information from transaction records and running it as a code.
So it is complete FUD - no normal Bitcoin client works like this at all. You'd need some specially created Bitcoin client that uses something like OP_RETURN data as an executable (and I don't believe there even is such software in existence unless Kaspersky created it just to published this FUD article).
|
|
|
|
|