Advantages become disadvantages: researchers say Lightning Network is the best choice for creating botnets

Bitcoin's Lightning Network is a faster and cheaper way to send Bitcoin. But it could also be a more efficient way to send malware.

Researchers from Florida International University stated in a paper published on December 24 that the anonymity of Lightning Network and its lack of censorship make it extremely attractive for botnet attacks. They believe that these characteristics provide many advantages for spreading and remotely controlling malware. They even built a proof of concept themselves, LNBot, a hidden hybrid botnet that could be used to steal funds.

Ahmet Kurt, a co-author of the paper and a researcher at Florida International University's Cyberphysical Systems Security Lab, said:

"We think shutting it down (botnets) is very difficult. We have listed some possible countermeasures, and the community can find some other possible countermeasures to stop this type of attack."

Hackers install malicious software (i.e. computer viruses) on a large number of computers and use it to control those computers, forming a botnet. They can then use the computers they control for malicious purposes. The hacker controls the computers through a command and control (C&C) server: the target machines receive commands from the server, which lets the server control them while the hacker's identity stays hidden.

(Schematic: how to attack botnets by spreading malware through Lightning Network)

However, the paper states that hackers have realized it is difficult to maintain a centralized C&C server without being detected. As a result, they tried more hidden channels, such as social media networks, but these are ineffective when some users do not log in to their accounts frequently. Hackers then started experimenting with peer-to-peer technologies such as Bitcoin. But in Bitcoin, all instructions are public and easily exposed. So none of these options work.

In contrast, Bitcoin's scaling solution, Lightning Network, is likely to be the best option for hackers to control botnets.

The Lightning Network is a layer-two scaling solution built on the Bitcoin blockchain, which can process more transactions at a lower cost. You can transact with anyone at any time, and any party has the right to close the transaction channel and settle on the Bitcoin blockchain.

The researchers stated:

"In this article, we propose that Lightning Network with the above features (i.e. faster transactions and low cost) is an ideal botnet C&C infrastructure. Specifically, Lightning Network provides botnet attackers with many advantages that existing technologies do not have."

The researchers list several advantages of the Lightning Network. First, the anonymity of transactions is much higher, and, unlike Bitcoin, not all transactions are publicly recorded on the ledger. This means that an attacker can communicate with the C&C server more secretly.

Second, knowing the location of one C&C server does not reveal the location of other C&C servers, which gives attackers multiple ways to control botnets. There is a glimmer of hope, though:

"Although shutting down the C&C server will neither expose the originator of the botnet nor block the entire botnet, it will shut down a portion of the botnet, thereby reducing harm to the victims."

Third, according to the researchers, communications from C&C servers cannot be censored. Because the Lightning Network is a peer-to-peer network, there is no authoritative organization to specify what information can and cannot be transmitted. Although there are watchtowers to resolve disputes, these watchtowers do not have the authority to review information. Therefore, Lightning Network is the perfect choice for the rapid development of botnets.

If a botnet is built on the Lightning Network, the results can be disastrous. An attacker would be able to control a Lightning Network node (the computer responsible for running the network) to make payments. This would completely destroy the network.

And the cost is not high.

The paper states that the cost of running 100 C&C servers is 0.06 bitcoin; at the current bitcoin price of $7,270, that is only $436.

"This is a one-time investment cost for an LNBot consisting of 100 C&C servers. Considering that each C&C server can control thousands of bots, this is a very small amount."

These attacks fit perfectly with the current version of Lightning Network, and there is little to stop them. The researchers built 100 real-time C&C servers and ran them on today's network without needing to make any changes at all. In addition, the paper states that Lightning Network developers are adding a feature that may make it harder for botnets to be destroyed.

Kurt says:

"The purpose of this research is to make security researchers and Lightning Network developers think about how to stop this situation."
