Interpol Identifies Malware Threat To Virtual Currencies

Posted by: Benjamin Vitáris

October 31, 2015

The Singapore department of Interpol in a cyber threat research have identified a threat to the blockchain in virtual transactions, which could result in their being embedded with malware or other illegal data, including child abuse images.

It depends on the type of the virtual currency and its protocols, however, there is a fixed space on the blockchain, which is the public ledger of the transactions, this is the place where the data can be stored, referenced or hosted within the encrypted records and transactions.

This open space was identified as the potential target for malware by tech experts, Interpol and another expert from the Kaspersky Lab, in the Research and Innovation unit at Interpol’s Global Complex for Innovation (IGCI).

At the current design of the blockchain, there is a possibility of being injected by malware and permanently hosted. Currently, there are no methods available to wipe the data. This could also affect cyber hygiene as well since child pornography images can be attached to the open space of the blockchain and this method could be used for distributing child porn images.

This threat could also create crime scenarios in the future, such as the deployment of modular malware, a reshaping of the distribution of zero-day attacks and could also affect the hosting of illegal underground marketplaces dealing in private keys, which would allow access to this data.

IGCI Executive Director Noboru Nakatani has made this statement:

“To conduct this type of research and identify new cyberthreats were among the key aims behind the creation of the INTERPOL Global Complex for Innovation. Having identified this threat, it is now important for INTERPOL to spread awareness amongst the public and law enforcement, as well as encourage support from communities working in this field to find solutions for the potential blockchain ‘abuse’. In addition to our own experts, the research was conducted with support from a specialist from Kaspersky Lab based at the IGCI which again underlines the value of sharing expertise between the public and private sectors.”

The research was unveiled at the Black Hat Asia 2015 event in Singapore, just weeks before the official inauguration of the IGCI.

Updated: 2015-10-31