RiskOperational RiskResearchers Identify Malware Threat to Virtual Currency Transactions

Researchers Identify Malware Threat to Virtual Currency Transactions

Cyberthreat researchers at the International Criminal Police Organisation, aka Interpol have identified a threat to the blockchain in virtual currency transactions, which could result in their being embedded with malware or other illegal data such as child abuse images.

Antivirus and software security specialist Kaspersky Lab, which has a representative on the research team, says that depending on the cryptocurrency and its protocols, there is a fixed open space on the blockchain – the public ‘ledger’ of transactions – where data can be stored, referenced or hosted within encrypted transactions and their records.

It is this open space which was identified as the potential target for malware by experts in the research and innovation unit at Interpol’s global complex for innovation (IGCI), says Kaspersky Lab.

The design of the blockchain means there is the possibility of malware being injected and permanently hosted with no methods currently available to wipe this data. This could affect ‘cyber hygiene’, as well as the sharing of child sexual abuse images, where the blockchain could become a safe haven for hosting such data.

It could also enable crime scenarios in the future such as the deployment of modular malware, a reshaping of the distribution of zero-day attacks, as well as the creation of illegal underground marketplaces dealing in private keys which would allow access to this data.

“To conduct this type of research and identify new cyberthreats were among the key aims behind the creation of the Interpol ICGI,” said its executive director, Noboru Nakatani.

“Having identified this threat, it is now important for Interpol to spread awareness amongst the public and law enforcement, as well as encourage support from communities working in this field to find solutions for the potential blockchain ‘abuse’.

Vitaly Kamluk, principal security researcher at Kaspersky Lab,” commented: “The core principle of our research is to forewarn about potential future threats coming from decentralised systems based on blockchains.

“While we generally support the idea of blockchain-based innovations we think that’s it is our duty, as a part of the security community, to help the developers make such technologies sustainable and useful for the purpose they were intended for. We hope that bringing potential problems to light now will help in improving such technologies in the future and will make it more difficult for them to be used for any malicious purpose.”

Related Articles

The common denominator: the must-consider-aspects of a treasury management system implementation

Industry Sectors The common denominator: the must-consider-aspects of a treasury management system implementation

4w Katja Franz
The Challenge of Building and Maintaining a Central Treasury Operation in a Decentralized Company

EEA The Challenge of Building and Maintaining a Central Treasury Operation in a Decentralized Company

3m BELLIN
The Treasury Challenge of a Post-Merger Integration

EEA The Treasury Challenge of a Post-Merger Integration

3m BELLIN
The Challenge of Integrating Worldwide Subsidiaries into one TMS

Baltics The Challenge of Integrating Worldwide Subsidiaries into one TMS

3m BELLIN
Q&A with BMG's treasury : BELLIN - We Love Treasury 2

EEA Q&A with BMG's treasury : BELLIN - We Love Treasury 2

3m BELLIN
PSD2: dull name, but seismic effect

Clearing & Settlement PSD2: dull name, but seismic effect

3m Alex Kwiatkowski
2017's most read: Correspondent banking: still in rude health?

Bank Relationships 2017's most read: Correspondent banking: still in rude health?

4m Henry Balani
2017's most read: The future of cash management: the single multi-currency virtual account

Accounts Payable 2017's most read: The future of cash management: the single multi-currency virtual account

4m Matthew Fuellhart