Attacking a whole world wide economical community



User avatar


Posts: 1

Joined: Thu Apr 03, 2014 6:03 am

Post Thu Apr 03, 2014 6:08 am

Attacking a whole world wide economical community

The bitcoin database is distributed (non-centralized) and exists on each and every one of the hosts running a bitcoin client. There's a copy of the database on all bitcoin client, that's how the decentralization works. Once a transaction is committed, it can't be undone.

A bitcoin transmission is stored as an event in the database.

You can inject an arbitrary raw 20 byte binary string into the database files (forever) because of that by setting the target address of a transaction to a wanted value (more or less). A bitcoin address (the intended receiver of any amount of coins) consists of 25 bytes. The first one equals 1 by default and is uninteresting. The following 20 bytes identifies the intended receiver and can be set to exactly anything. The following 25 bytes is just a hash of the former 21 bytes. A bitcoin transaktion contains such an address and is stored on each and every bitcoin-client forever. If you delete the database from one bitcoin-client (or has a fresh install), your client will synchronize with the rest of the network.

Now, imagine that we inject so called "virus signatures" that anti-virus programs recognizes into the bitcoin database. What'll happen is that that will trigger the anti-virus program for every bitcoin client user that has an anti-virus program installed (and this won't go away ever.. you can't clean the database). Those virus signatures are harmless in their own, but they are something that anti-virus program use to recognize viruses. The anti-virus programs will think that the local bitcoin database is infected.

Spamming the bitcoin database with virus signatures will cause havoc. Some antivirus-programs will delete the database locally, others will deny their bitcoin-client access to the databases. Some won't be able to start their bitcoin-clients again (and can't understand why). Some will format and reinstall their computer.. to once again get "infected" when they get a bitcoin client again. Panic will spread among computer n00bs. Uneducated rumors will spread that bitcoin is spreading viruses. Havoc will simply emerge. Media will react, and dramatize the thing enormously. The value of bitcoins will drop hasty. All of this just because we send a minimal amount of bitcoins (the smallest amount allowed) to given bitcoin addresses.

You can confirm that the injection works by doing the following:
brainwallet.org/#converter click on HEX on the top, and B58Check further down.
Place an exactly 20 bit hex value there. Now you can either send any amount to the bitcoin address that appears in the lower box, and verify that your local bitcoin database soon contains the 20 bytes string of your choise. But you can also take that address and input it into the search box in the upper right of blockchain.info and see that this recipent [your 20 bytes] indeed is addressed exactly as you specified (it's called the Hash 160) and just trust me that it'll be stored exactly so on the physical disk as well.

Now, how do we know what 20 bytes to send? To make a long story short, I've converted all virus signatures that I could find from an open project http://www.nlnetlabs.nl/downloads/antiv ... es.strings into 20 byte long strings and later into bitcoin addresses [all signatures equal to or longer than 20 strings has been used.. the short ones have just been padded with zeros]. If I put all those "viruses" into one file, it causes virus-total to go nuts http://www.virustotal.com/en/file/ad357 ... 396453693/
Imagine having that forever in the bitcoin database files. This is far from being the best you can do with injecting stuff into the bitcoin database (there are for example better virus signatures and alike out there that can be used). But this should work pretty well, and cause a lot of havoc and annoyance.

By using the brainwallet.org converter above, you can easily convert the bitcoin addresses to hex and see that those comes solely from the virus definition database. When the coins are sent to those addresses, they are lost forever since nobody owns those addresses.

Please help spamming the bitcoin database with virus signatures :). Pick some address at random, check that it haven't been corrupted (use brainwallet and he virus signature list), and send a minimal amount of coins to that address.

I've failed miserably at this point, since I lack bitcoins. I thought I'd have enough by now (I've long fought to get some BTC), but aparently it wasn't enough (you need a minimum amount of fractions of a bitcoin to be able to send anything).

The addresses are available here: pastebin.com/ct2WHUK5 (there's no point in altering those for your own winning sake.. even if you get thousands of those minimal required transaktion amounts.. they'll combined have a value less than the price of a biscuit).


User avatar

Hero Member
Hero Member

Posts: 1718

Joined: Mon Jan 29, 2007 2:59 pm

Post Tue Apr 08, 2014 12:20 pm

Re: Attacking a whole world wide economical community

And this is ethical, how? ???
~ hayabusa ~ 

"All men can see these tactics whereby I conquer,
but what none can see is the strategy out of which victory is evolved."
- Sun Tzu, 'The Art of War'

OSCE, OSCP (Former - GPEN, C|EH - both expiring / expired)

Return to Cyber Warfare

Who is online

Users browsing this forum: No registered users and 1 guest

Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software