This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Community Blog
Subscribe to the official NetWitness Community blog for information about new product features, industry insights, best practices, and more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

An introduction to Cryptocurrency

AhmedSonbol1
Employee
Employee
‎2017-07-20 12:29 PM

The idea of a mathematically secure chain of blocks was first mentioned in 1991, first conceptualized as digital currency in 1998 as "Bit Gold" and first implemented as decentralized digital currency as "Bitcoin" in 2009.

Blockchain is nothing but chronological chain of blocks where every block contains a set of transactions/records and a reference to the previous block. This idea of a blockchain helps in establishing a digital ledger; which is immutable and can be distributed in a way that peers in the network can come to a global consensus on adding new blocks and also agree on the true state of ledger. This ledger is not at one place but its copies are with all the participants in the distributed network. These copies are updated at same time when all the participants come to a consensus. The privacy and anonymity depends upon the implementation of blockchain.

Blockchain can be implemented in many areas such as finance, banking and real estate. There are a wide variety of implementations already in the market. However, the biggest implementation is in the field of cryptocurrency. There are many cryptocurrencies available and two major currencies are Bitcoin and Ethereum.


Bitcoin is a digital payment system and a cryptocurrency. It can be used for transactions all over the world with no central authority or bank involved. There are participant nodes in Bitcoin network that have the copies of Bitcoin distributed ledger. Six times every hour, a group of transactions is collected in a block and that block is added to the blockchain. Then all the participating nodes are synced with this change in the blockchain.

Adding new blocks to the chain is called mining. The miners do the following:

  1. They verify if the transactions are valid which helps resolving double-spending problem (i.e. same digital token is spent twice).
  2. Group transactions in a block.
  3. Give reference of the most recent block in the new block about to get created.
  4. Solve a mathematical proof-of-work problem. This is the step where race starts between all the miners and the winner add the new block in the chain and get funds in the mined currency as a reward.
  5. When the mathematical problem is solved the new block is added and the change is communicated along the network with all participating nodes.

The following graph by PwC can help you in understanding the flow of a transaction in the world of cryptocurrency [1].

 

                           pwc_blockchain.jpg

With the rise of ransomware in the past couple of years, cryptocurrency and in particular Bitcoin gained more popularity. Due to the level of anonymity it provides, Bitcoin became the criminals’ preferred currency to receive the ransom thus playing an important part in the ransomware ecosystem. In the aftermath of a ransomware attack victims hasten to follow the criminal instructions in order to buy bitcoins and to pay the ransom to recover their files. There is no guarantee that a victim would get its data back and the general advice is not to pay the ransom [2]. However, for some organizations that fall victims to those attacks that is not an option and they are more willing to take the risk. In fact some companies started stockpiling Bitcoins in anticipation of ransomware attacks so they can recover their data as quickly as possible [3].

Another threat to organizations is the rise of cryptocurrency mining malware. This class of malicious software infects a victim machine and enrolls it in a larger mining botnet. Cryptocurrency mining uses a lot of system resources and might degrade its performance. Recently Proofpoint security researches released a report about Adylkuzz cryptocurrency mining malware [4]. Adylkuzz was spreading via EternalBlue/DoublePulsar exploits and was used to mine Monero; a cryptocurrency that has enhanced anonymity capabilities and used in the dark web markets.

Cryptocurrency is not a new technology but as it is getting more attention, it is our hope that this post can help in answering some of the basic questions. Future advisories will cover any emerging threats in that domain and will shed some light on detection techniques using RSA technologies.

Thanks to Prakhar Pandey for contributing to this blog post.

References:

  1. https://www.pwc.com/us/en/financial-services/fintech/bitcoin-blockchain-cryptocurrency.html
  2. https://www.fbi.gov/news/stories/incidents-of-ransomware-on-the-rise
  3. http://www.nbcnews.com/storyline/hacking-of-america/companies-stockpiling-bitcoin-anticipation-ransomware-attacks-n761316
  4. https://www.proofpoint.com/us/threat-insight/post/adylkuzz-cryptocurrency-mining-malware-spreading-for-weeks-via-eternalblue-doublepulsar
© 2022 RSA Security LLC or its affiliates. All rights reserved.