The most popular and comprehensive Open Source ECM platform
Malicious bots are doing blockchain.
Researchers at Akamai have discovered a type of bot that can automatically update itself with new versions of software and new mother ship location information. Bots can interact with cron or system scheduling systems and set up jobs that will check for software updates and download and install them as they become available. When the master computers that are controlling the bots are taken down though, bots would normally be disabled because they become orphaned.
The new behavior noticed in one type of bot is the ability to retrieve data from a blockchain like Bitcoin and get updated encrypted IP information about the IP for new servers as they come back online. For example, the digits of an IP address could correspond to the dollar or cryptocurrency amounts sent to a blockchain account known by the bot — for example $.11, $.02,…
Evyatar Saias, one of the researchers at Akamai, said that “the primary goal is to be able to recover from offensive actions taken against the botnet. They leverage the blockchain to do that because it is decentralized and won’t be taken down. You would need to effectively ban the wallet from inquiries on public blockchain explorer platforms — of which there are many.” It would take time or be very difficult to prevent the bot from accessing new data.
Saias wrote that “this discovery and technique have serious implications for tracking, defending against, and taking down botnets by researchers, infrastructure operators, and law enforcement. Seizing domains, taking over servers, and sinkholing active infections could prove to be very difficult.”