Over the past twenty years, the number of devices connected
to the Internet grew exponentially. Botnets bene ted from this rise to
increase their size and the magnitude of their attacks. However, they still
have a weak point in their Command & Control (C&C) system, which
is often based on centralized services or require a complex infrastructure
to keep operating without being taken down by authorities. The recent
spread of blockchain technologies may give botnets a powerful tool to
make them ...
Over the past twenty years, the number of devices connected
to the Internet grew exponentially. Botnets bene ted from this rise to
increase their size and the magnitude of their attacks. However, they still
have a weak point in their Command & Control (C&C) system, which
is often based on centralized services or require a complex infrastructure
to keep operating without being taken down by authorities. The recent
spread of blockchain technologies may give botnets a powerful tool to
make them very hard to disrupt. Recent research showed how it is possi-
ble to embed C&C messages in Bitcoin transactions, making them nearly
impossible to block. Nevertheless, transactions have a cost and allow very
limited amounts of data to be transmitted. Because of that, only mes-
sages from the botmaster to the bots are sent via Bitcoin, while bots
are assumed to communicate through external channels. Furthermore,
for the same reason, Bitcoin-based messages are sent in clear. In this pa-
per we show how, using Bitcoin Testnet, it is possible to overcome these
limitations and implement a cost-free, bidirectional, and encrypted C&C
channel between the botmaster and the bots. We propose a communica-
tion protocol and analyze its viability in real life. Our results show that
this approach would enable a botmaster to build a robust and hard-to-
disrupt C&C system at virtually no cost, thus representing a realistic
threat for which countermeasures should be devised.
+