Presentation is loading. Please wait.

Presentation is loading. Please wait.

BOTCOIN Bitcoin-Mining on Botnets

Published byEmory Robbins Modified over 6 years ago

Similar presentations

Presentation on theme: "BOTCOIN Bitcoin-Mining on Botnets"— Presentation transcript:

1 BOTCOIN Bitcoin-Mining on Botnets
Univ of California San Diego Computer Science and Engineering BOTCOIN Bitcoin-Mining on Botnets Danny Y. Huang Hitesh Dharmdasani, Sarah Meiklejohn Vacha Dave, Chris Grier, Damon McCoy Stefan Savage, Nicholas Weaver Alex C. Snoeren, Kirill Levchenko

2 Motivation Unique IP address  Money Spam  $$$ Click-fraud  $$$
Computational Power  Money Mining Bitcoins 100% CPU  $$$

3 Motivation Loss in productivity High electricity bill Scale?
Kevin Loss in productivity High electricity bill Scale? Who? Operations? Profitable? Implications? Bitcoin-mining in relation to spam/click-fraud?

4 What we learned about botnets:
Contributions What we learned about botnets: Identities Modus Operandi Revenue Implications

5 How you can make bitcoins
Pick a different integer Apply SHA-256 on integer Mining App Takes 100+ years P2P Network Found hash collision Get

6 Mining Pools Free! Parallelizes hashing. Finds solution faster.
Workers divide reward. BUT: Hardware costs Energy costs Mining Pool Free! miner.exe my_wallet 6

7 We want to identify these botnets!
Botnet Mining Mining Pool Pool pays botnet Malware connects to pool We want to identify these botnets! Victim Victim Victim miner.exe botnet_wallet

8 Finding the Mining Malware
Malware Databases Threat Expert, Emerging Threats, … 2,000 binaries 10 botnets Bitcoin Malware Reports / Blogs Leaked Data Interviews with Pools

9 Examples of Mining Botnets
ZeroAccess Spamming, click-fraud Bitcoin-mining FeodalCash Affiliate program Zenica xfhp.ru Fareit Dload asia Hitma UK misc gamers BMControl bitcoin wallet addresses in public cloud

10 Outline Identities Identities Modus Operandi Modus Operandi Revenue
What we learned about botnets: Identities Identities 2,000 binaries 10 botnets Modus Operandi Modus Operandi e.g. affiliate program, wallet addresses in cloud Revenue Revenue Implications

11 Botnet Mining Revenue ZeroAccess FeodalCash BMControl
Lots of challenges! Gather botnet wallet addresses ZeroAccess FeodalCash 486 bitcoins in 1 year 168 bitcoins in 3 months 3,000 bitcoins Look up in public ledger (i.e. blockchain) BMControl Examine payments from mining pool (Meiklejohn et al)

12 Botnet Revenue in Bitcoins

13 Botnet Revenue in US Dollars

14 Mining Revenue

15 Mining Revenue My CPU $0.002/day BMControl $300/day My CPU $0.20/day

16 Number of New Botnet Mining Operations Litecoin Mining Revenue
Different hash function - Bitcoin: SHA-256 - Litecoin: Scrypt Litecoin Mining Revenue

17 Outline Identities Identities Modus Operandi Modus Operandi Revenue
What we learned about botnets: Identities 2,000 binaries 10 botnets Identities Modus Operandi e.g. affiliate program, wallet addresses in cloud Modus Operandi Revenue Revenue 4,000 bitcoins in 2 years Implications Implications

18 Implication & Conclusion
Spam Bitcoin-mining Litecoin-mining *coin-mining Click-fraud

19

20 What we learned about botnets:
Outline What we learned about botnets: Identities Modus Operandi Revenue Implications

Download ppt "BOTCOIN Bitcoin-Mining on Botnets"

Similar presentations

Botcoin: Monetizing Stolen Cycles UC San Diego and George Mason University Presented By: Amanda Watson CSCI 780: Advanced Network Security.

Botcoin: Monetizing Stolen Cycles UC San Diego and George Mason University Presented By: Amanda Watson CSCI 780: Advanced Network Security.
1. 2 A High Tech Crime Investigation Lessons learned by the National High Tech Crime Center Hans Oude Alink, project leader NHTCC November 2005.

1. 2 A High Tech Crime Investigation Lessons learned by the National High Tech Crime Center Hans Oude Alink, project leader NHTCC November 2005.
Bitcoin is the FUTURE of MONEY!!

Bitcoin is the FUTURE of MONEY!!
On Power Splitting Games in Distributed Computation: The case of Bitcoin Pooled Mining Loi Luu, Ratul Saha, Inian Parameshwaran, Prateek Saxena & Aquinas.

On Power Splitting Games in Distributed Computation: The case of Bitcoin Pooled Mining Loi Luu, Ratul Saha, Inian Parameshwaran, Prateek Saxena & Aquinas.
B OTNETS T HREATS A ND B OTNETS DETECTION Mona Aldakheel 434920317 1.

B OTNETS T HREATS A ND B OTNETS DETECTION Mona Aldakheel
Click Trajectories: End-to-End Analysis of the spam value chain Kirill Levchenko, Andreas Pitsillidis, Neha Chachra, Brandon Enright, Tristan Halvorson,

Click Trajectories: End-to-End Analysis of the spam value chain Kirill Levchenko, Andreas Pitsillidis, Neha Chachra, Brandon Enright, Tristan Halvorson,
University of Central Florida CAP 6135: Malware and Software Vulnerability Spring 2012 Paper Presentation Dude, where’s that IP? Circumventing measurement-based.

University of Central Florida CAP 6135: Malware and Software Vulnerability Spring 2012 Paper Presentation Dude, where’s that IP? Circumventing measurement-based.
Security Update Vincent BRILLAULT HEPiX Spring 2014, Annecy.

Security Update Vincent BRILLAULT HEPiX Spring 2014, Annecy.
2012 4th International Conference on Cyber Conflict C. Czosseck, R. Ottis, K. Ziolkowski (Eds.) 2012 © NATO CCD COE Publications, Tallinn 朱祐呈.

2012 4th International Conference on Cyber Conflict C. Czosseck, R. Ottis, K. Ziolkowski (Eds.) 2012 © NATO CCD COE Publications, Tallinn 朱祐呈.
J. Anish Dev College of Engineering, Guindy, Anna University Bitcoin mining acceleration and performance quantification.

J. Anish Dev College of Engineering, Guindy, Anna University Bitcoin mining acceleration and performance quantification.
Botnets By: Brandon Sherman. What is a Botnet? Botnet is a term referring to a network of multiple computers being affected by software robots. These.

Botnets By: Brandon Sherman. What is a Botnet? Botnet is a term referring to a network of multiple computers being affected by software robots. These.
Bitcoins – Mining and Trading Jonathan Day, Carpe Diem 18 th July 2013.

Bitcoins – Mining and Trading Jonathan Day, Carpe Diem 18 th July 2013.
1 Bitcoin A Digital Currency. Functions of Money.

1 Bitcoin A Digital Currency. Functions of Money.
Monetizing ZeroAccess With: Chris Grier (Berkeley/ICSI), Vern Paxson (Berkeley/ICSI), Vacha Dave (Microsoft/UCSD), Saikat Guha (Microsoft), Damon McCoy.

Monetizing ZeroAccess With: Chris Grier (Berkeley/ICSI), Vern Paxson (Berkeley/ICSI), Vacha Dave (Microsoft/UCSD), Saikat Guha (Microsoft), Damon McCoy.
CATCHING CLICK-SPAM IN SEARCH AD NETWORKS Vacha Dave +, Saikat Guha ★ and Yin Zhang * + University of California, San Diego ★ Microsoft Research India.

CATCHING CLICK-SPAM IN SEARCH AD NETWORKS Vacha Dave +, Saikat Guha ★ and Yin Zhang * + University of California, San Diego ★ Microsoft Research India.
Empirical Analysis of Search Advertising Strategies BHANU C. VATTIKONDA, VACHA DAVE, SAIKAT GUHA, ALEX C. SNOEREN.

Empirical Analysis of Search Advertising Strategies BHANU C. VATTIKONDA, VACHA DAVE, SAIKAT GUHA, ALEX C. SNOEREN.
Https://cybercamp.es#CyberCamp15 Deanonimization methods in Bitcoin Network Marko Marić.

Deanonimization methods in Bitcoin Network Marko Marić.
Cryptocurrencies: challenges and caveats Khaled Baqer Cambridge University.

Cryptocurrencies: challenges and caveats Khaled Baqer Cambridge University.
1 Bitcoin Bitcoin: A Peer-to-Peer Electronic Cash System – Satoshi Nakamoto A Fistful of Bitcoins: Characterizing Payments Among Men with No Names – Sarah.

1 Bitcoin Bitcoin: A Peer-to-Peer Electronic Cash System – Satoshi Nakamoto A Fistful of Bitcoins: Characterizing Payments Among Men with No Names – Sarah.
First… What is Cryptocurrency? A Cryptocurrency is a digital currency that is created through mathematical engineering (algorithm). It is designed to.

First… What is Cryptocurrency? A Cryptocurrency is a digital currency that is created through mathematical engineering (algorithm). It is designed to.

Similar presentations

Ads by Google